Well, yeah, ultimately you are on the mark in that browsing with Mozilla is "safer" than browsing with IE. Not because Mozilla does anything all that great, but because IE has some deeper issues and is hooked into everything. But, like MS's stuff and Netscape before it, Mozilla is really supposed to be a 'platform' design, and that means one can do a lot of things with it, both good and bad.
I guess I just saw one too many "Mozilla feeds the starving children" posts and reacted poorly. Glad we got past the flaming.
Well, thanks for going to all the effort, but like I said, I'm quite aware of the crappy security surrounding ActiveX (and have disabled it on my machine).
But that misses my main point, which is that Mozilla is equally vulnerable to these sorts of problems. If someone can get you to install an exploitable plugin (your example, Flash), any webpage can perform malicious activities on your system.
Much of the fear surrounding ActiveX came about when MS proposed it as an alternate to sandboxed Java applets and IE 3.0 came with some horrible out-of-the-box settings. But it's really nothing more than a means of automating the installation of browser plugins or other software from a webpage.
Mozilla has created similar technology (XUL?), and I'm sure you're familiar with the "Do you want to install [Blah]?" dialog. Press Yes and anything goes, just like ActiveX. It could even be ActiveX you are installing -- you really have no way of knowing, and there's no protective sandbox. There's not even a checksum/signature check like in IE.
The upside for Mozilla is "security through unpopularity". But when mozilla.org was founded, Netscape had ~50% marketshare, and they would like to get back to those levels. When they do, problems with "skin"- and "plugin"-related exploits will be as common as ActiveX exploits are today.
.....
I think most worrisome from a 'design' standpoint is the myriad of IE cross-frame script bugs you listed and the numerous ways to defeat their "zone" system. It really seems that whole mess is fundementally flawed. OTOH, Mozilla really doesn't have a "zone" system where some pages are considered safer than others, so maybe that's a wash.
The fact that IE is so heavily reused is problem too. It's not so much that it's 'hooked into the OS' as it is hooked into Outlook, IM programs, the Windows Explorer, and numerous other applications. That gives multiple entrypoints for an attack.
Wake up man. You're playing a pure advocacy game here.
You can't reply to the technical point, so the only thing you've got is to cast those who disagree as IE/MS lovers, without evidence. The real question is why -- what's in it for you to play Us vs Them? That and misinformation is not helping your cause.
FWIW, I use both IE and Mozilla, but my IE is so locked down that's pretty much useless on any sort of complex site. I'm not happy with the naive extendability of either browser.
Crazy Philman successfully dodges the point about Mozilla's Plugin system being functionally equivilent to ActiveX. Is it because he wants to preserved his own proud stupidity on the matter, or is he an AOL astroturfer? Perhaps he believes his heroic anti-M$ bullshit in the bowels of slashdot really really make a difference.
Intlharvester continues on using Mozilla, Phoenix, Camino, etc, being careful what he clicks on.
You will note that this extension installs in a couple clicks with no certificate check, which ought to tell you that the Mozilla plug-in mechanism itself is no safer than ActiveX.
Mozilla will *always* be safer by virtue of its design.
Please name one ActiveX-related exploit that's impossible with a Mozilla plugin. I can think of a few "skin" related things that would be impossible with IE. Mozilla (like IE) is designed to be very extendable, not safe.
Unless you can back up your claims, your post really reaks of unsubtantiated FUD.
Microsoft itself doesn't put out software affected by DLL hell, but other software vendors do.
The third parties were just following Microsoft's instructions -- Windows 3.1, 95, etc never had any service packs. Microsoft didn't want to require users to obtain external software. I suppose that made some sense in the floppy disk days.
So they told third parties "If you want an upgraded system DLL, YOU ship it, and YOU install it". They also had sourcecode for many of these DLLs so that vendors could create forked versions. Furthermore, Windows never had a standard installer or method to assist vendors in installing these DLLs.
Now, instead of one consistant way of upgrading your base OS, you are at the mercy of any hack in his garage -- and they did fork DLLs, lie about versions and filedates to defeat other installers, and blindly copy files. As pointed out, even MS did this stuff. Welcome to DLL Hell.
For the most part, this has been fixed in W2K -- System DLLs are now clearly part of the OS upgrade path, and the system file protection demon prevents dumb installers from overwriting files, and there's a std installer service.
(Actually Win95 also had SFP, but it was only for 16-bit DLLs! So DLL Hell was reborn on Win32 when it could have been stopped a long time ago.)
IBM and SCO had a major joint initiative from a few years ago called "Project Monterey" that was intended to merge the codebases of AIX and SCO UNIX. Primary target was IA64.
When Linux got popular, IBM backed out that plan, and now they've pretty much backed out Itanium too.
I'm sure contracts were signed, etc -- how this will turn out really depends on the black-n-white agreements which none of us are privy too.
Back in the sunny days of 1998, when Itanium was The Future For Everyone, IBM and SCO were in bed together.
There were working on "Project Monterey" which was to be a grand-ueber replacement for both UNIXWare and AIX running on IA64.
Then Itanium got delayed like four years, Linux got hot and IBM dumped SCO ass. I can understand if there's some hurt feelings and maybe even a few bent contracts.
Your history is off -- SCO existed before Xenix as a small independent Unix-oriented consulting group.
Microsoft (a tiny company back then) purchased the AT&T license and then contracted with SCO to develop XENIX. Microsoft attempted to sell licence it to IBM but ended up getting involved in OS/2 instead.
Xenix was then "sold" back to SCO in a deal that gave MS ownership, access to the books, and a per-copy royalty. Eventually SCO wiggled out of that.
Generally when the story is on something that the readership knows something about (programming or sysadmin), the discussion is still good. Recent examples include Object Databases, the sendmail bug, high-end UNIX features missing from Linux.
OTOH, the umpteenth story about Microsoft business practices or "Your Rights Online" just invoke a bunch of canned comments. Recently they ran something like 4 MS stories in one day -- even the Jihad was getting tired.
Anyone who used Word vs WordPerfect and Lotus vs Excel back in the 1980s would know that Microsoft was doing the real user interface innovation (with help from a bunch of Xerox people they hired and a lot of influence from Apple).
WordPerfect and Lotus got popular because they were "expert interfaces" that were designed to not take up any screen space and appeal to keyboard jocks. Recall that you had to be a real hacker nerd to own a PC in the early days. (For example. someone added mouse support to 123 that was just bizarre -- it used button chording to enter commands, and was practically useless for editing cells.)
Word and Excel went the complete other direction with _good_ WIMP interfaces designed to make tasks easier without removing functionality. It was now actually possible to add a table or a graphic to your document without having a manual on your desk.
Training cost went through the floor, PCs got put on manager's desks, and there's now 100x as many PCs in the field as their used to be. Microsoft did that.
but I couldn't get Regedit to do anything but work on that installation's own Registry
1) Install 2nd copy of Windows in a different directory. 2) Use RegEdt32.exe instead of Regedit.exe. 3) Use File+Load Hive to open the other registry. 4) Edit, backup, restore at will 5) Unload the hive before exiting.
This was all documented in one of the resource kits.
Yup. It looks like Word has the exact same crappy modal formamting dialog boxes they've had since 1994. And, once again Excel's charting is identical to the stuff they put out in version 2 (1988).
Oh, but there's another variation on the toolbars and some more singing-n-dancing help screens.
Sometimes I wonder if Microsoft has lost the source and therefore is unable to any core features to Office. Or maybe they are scared shitless by the corporate training costs. Or maybe hiring more than 3 programmers would put a dent in the $Kajillion they make from Office every year.
Anyway, it would be nice if they at least took a look at Office for Mac and copied the formatting pallettes, and thought of a few "innovations" that aren't wizards or help features.
But I was arguing not the badness of IBM marketing, which is a given; I was arguing OS/2 technical superiority over MS-Win
Technical marketing and product positioning has everything to do with the goodness of the product's technology, because it determines what's in the box and what it's good for.
IBM was running around telling everyone that OS/2 was THE thing for connecting your PS/2s to your Mainframe, and then they were austounded when more universal purpose products like Windows kicked their ass, despite lacking "superiority" (which wasn't even true for NT).
In other words, by the time you spent the time and money getting OS/2 working properly, you could have bought something better. Like an AS/400 or a RS/6000. Which was probably IBM's evil master plan all along.
A great portion of those "terrible games" were from Atari themselves.
(Most of the 3rd party games were considered superior to the "certified" Atari titles. Stuff like Custers Revenge was too smalltime to matter)
Furthermore Atari forced retailers to buy those terrible games in order to get the good ones. That lead to a massive over-inventory of cartridges, which was one of the huge factors contributing to the crash.
The big difference now days is not so much certification (because 80% of everything is crap and always will be), but the fact that the console companies are very aggressive about inventory control. They get old games off the shelf and new games onto the shelf. Just the opposite of what Atari did.
Well, Microsoft made all the same coding errors the Unix people did, but that wasn't really an known issue back then.
Shit like NFS and NIS was seriously inferior to NT -- almost to it's benefit because nobody in the right mind would ever say that it was "secure". MS's hashed passwords, single login, ACLs, authenticated RPC, etc was superior -- just not superior enough to run over the Internet.
What MS missed was the underground trend in the Unix world to tighten up the technolgoy that was already in place -- better file permissions, services that don't require root, "secure by default", etc.
Are you malicious or just ignorant? Obviously SAA was part of the picture, But IBM OS/2 also has interoperability with Unix and the Net...
The question was if IBM malicious or just ignorant.
His facts are correct. IBM tried to bury the i386 because they were worried about their midrange. This torpedoed OS/2 1.x and gave the entire project a "Loser" reputation long before Win 3.1 even shipped.
IBM also heavly marketed OS/2 as part of a Mainframe integration strategy, with it's special "Extended Edition", etc. And you would be hardpressed to find any significant OS/2 deployment that wasn't in a IBM mainframe shop.
This gave customers the impression of lock-in and that their Unix and Novell machines were second-class citizens in IBM's world -- Which they were. Windows NT shipped out-of-box with TCP/IP, IPX/SPX, AppleTalk, DECNet, you name it. IBM OS/2 2.0 shipped out of box with jackshit, and then made you pay for NetBEUI and pay some more (a lot more) for TCP/IP.
Not to mention that IBM themselves FUDded the idea of OS/2 on non-PS/2 hardware... If you haven't come to the conclusion that OS/2's technical marketing was a clusterfuck from day 1, something's wrong.
Now I suspect at this point you are going to mention something about Warp 4.0 and so on, but trust me, OS/2 was already dead in the grave by then even at IBM.
Novell was very interested in clients -- DOS clients. The low-memory usage, stability, and performance of their DOS client was their #1 advantage.
Now Microsoft comes along with NT. Everyone knows they are targetting Novell directly with File&Print. Like Lotus and WordPerfect Novell is stuck with the 640K mentality and fear 32-bit systems. They also have 80% of the current market. Why should they help Microsoft eat their lunch by providing them a client?
Except it backfires -- MS not only reverse-engineers a NetWare client, they reverse engineer the NetWare Server. Now NT is a drop in replacement. Plus NT runs all those new TCP/IP services NetWare doesn't run. In 3 years it's all over.
As for IBM, the sad thing was that they tried to squash PowerPC when OS/2 failed to ship on it. Not that anyone would have really bought NT/PPC (see Alpha).
For example, the HUGE reliance on RPC for remote administration in place of timesharing access. (Which most NT admins don't even seem to know about anyway...)
It's not that they didn't think about networks -- networking is completely core to the system. But their entire philosophy is incompatible with the idea of untrusted networks like the Internet, and it's bit them in the ass over and over again. (to be fair, Unix has had many similar problems)
The place I was working at in 1994 stuck their NT 3.51 servers directly on the Internet so that users could login from home. When they were hacked, they yelped how Microsoft said it was "secure". MS just didn't have any sense of security outside of a LAN where you 'trusted' everyone anyway. (It turned out that many of the old LanMan exploits published in the 80s worked against NT.)
The article pretty much hits on the main point of contention between IBM and Microsoft -- IBM just wasn't interested in their Windows project.
There was a simmering fight over whether OS/2 should be "Protected Mode Windows" or whether Windows should be "Presentation Manager for DOS". Since neither platform had that many users or developers at the time, it could have gone either way.
The key characteristic of the new API, eventually named Win32, is that, though it was a new API, it looked and acted just like the 16-bit Windows APIs, letting developers easily move to the new system and port their applications. "We made it possible to move 16-bit applications to NT very easily,"
While they make this sound like a Gee Whiz revelation, but in fact Microsoft wanted Windows compatibility in OS/2 from the beginning and IBM wanted a unique API.
Since IBM wore the pants, they won the day originally. However this really bit them in the ass with the the subsequent popularity of Windows 3, because it was difficult to target OS/2, so software was either missing or dismissed as a poor Windows port.
Not that Win32 was a huge success in the early years either -- most software had to be run in the Win 3.1 emulation, and even MS themselves only belatedly produced a 32-bit version of Office and not much other software.
Slashdot Mirror
I had an Osborne 1 in my possession a couple years back, which I sold. Some pics of the system with the software bundle, etc
Well, yeah, ultimately you are on the mark in that browsing with Mozilla is "safer" than browsing with IE. Not because Mozilla does anything all that great, but because IE has some deeper issues and is hooked into everything. But, like MS's stuff and Netscape before it, Mozilla is really supposed to be a 'platform' design, and that means one can do a lot of things with it, both good and bad.
I guess I just saw one too many "Mozilla feeds the starving children" posts and reacted poorly. Glad we got past the flaming.
Well, thanks for going to all the effort, but like I said, I'm quite aware of the crappy security surrounding ActiveX (and have disabled it on my machine).
But that misses my main point, which is that Mozilla is equally vulnerable to these sorts of problems. If someone can get you to install an exploitable plugin (your example, Flash), any webpage can perform malicious activities on your system.
Much of the fear surrounding ActiveX came about when MS proposed it as an alternate to sandboxed Java applets and IE 3.0 came with some horrible out-of-the-box settings. But it's really nothing more than a means of automating the installation of browser plugins or other software from a webpage.
Mozilla has created similar technology (XUL?), and I'm sure you're familiar with the "Do you want to install [Blah]?" dialog. Press Yes and anything goes, just like ActiveX. It could even be ActiveX you are installing -- you really have no way of knowing, and there's no protective sandbox. There's not even a checksum/signature check like in IE.
The upside for Mozilla is "security through unpopularity". But when mozilla.org was founded, Netscape had ~50% marketshare, and they would like to get back to those levels. When they do, problems with "skin"- and "plugin"-related exploits will be as common as ActiveX exploits are today.
.....
I think most worrisome from a 'design' standpoint is the myriad of IE cross-frame script bugs you listed and the numerous ways to defeat their "zone" system. It really seems that whole mess is fundementally flawed. OTOH, Mozilla really doesn't have a "zone" system where some pages are considered safer than others, so maybe that's a wash.
The fact that IE is so heavily reused is problem too. It's not so much that it's 'hooked into the OS' as it is hooked into Outlook, IM programs, the Windows Explorer, and numerous other applications. That gives multiple entrypoints for an attack.
Wake up man. You're playing a pure advocacy game here.
You can't reply to the technical point, so the only thing you've got is to cast those who disagree as IE/MS lovers, without evidence. The real question is why -- what's in it for you to play Us vs Them? That and misinformation is not helping your cause.
FWIW, I use both IE and Mozilla, but my IE is so locked down that's pretty much useless on any sort of complex site. I'm not happy with the naive extendability of either browser.
Crazy Philman successfully dodges the point about Mozilla's Plugin system being functionally equivilent to ActiveX. Is it because he wants to preserved his own proud stupidity on the matter, or is he an AOL astroturfer? Perhaps he believes his heroic anti-M$ bullshit in the bowels of slashdot really really make a difference.
Intlharvester continues on using Mozilla, Phoenix, Camino, etc, being careful what he clicks on.
Mozilla, in contrast, does not support Active X controls. So it is inherently safer, even for stupid users.
ActiveX for Mozilla
You will note that this extension installs in a couple clicks with no certificate check, which ought to tell you that the Mozilla plug-in mechanism itself is no safer than ActiveX.
Mozilla will *always* be safer by virtue of its design.
Please name one ActiveX-related exploit that's impossible with a Mozilla plugin. I can think of a few "skin" related things that would be impossible with IE. Mozilla (like IE) is designed to be very extendable, not safe.
Unless you can back up your claims, your post really reaks of unsubtantiated FUD.
"I don't think I've ever seen an e-mail from anybody at Sun on linux-kernel."
Yeah, and Sun isn't being sued for violating their UNIX licence either. Coincidence?
Microsoft itself doesn't put out software affected by DLL hell, but other software vendors do.
The third parties were just following Microsoft's instructions -- Windows 3.1, 95, etc never had any service packs. Microsoft didn't want to require users to obtain external software. I suppose that made some sense in the floppy disk days.
So they told third parties "If you want an upgraded system DLL, YOU ship it, and YOU install it". They also had sourcecode for many of these DLLs so that vendors could create forked versions. Furthermore, Windows never had a standard installer or method to assist vendors in installing these DLLs.
Now, instead of one consistant way of upgrading your base OS, you are at the mercy of any hack in his garage -- and they did fork DLLs, lie about versions and filedates to defeat other installers, and blindly copy files. As pointed out, even MS did this stuff. Welcome to DLL Hell.
For the most part, this has been fixed in W2K -- System DLLs are now clearly part of the OS upgrade path, and the system file protection demon prevents dumb installers from overwriting files, and there's a std installer service.
(Actually Win95 also had SFP, but it was only for 16-bit DLLs! So DLL Hell was reborn on Win32 when it could have been stopped a long time ago.)
IBM and SCO had a major joint initiative from a few years ago called "Project Monterey" that was intended to merge the codebases of AIX and SCO UNIX. Primary target was IA64.
When Linux got popular, IBM backed out that plan, and now they've pretty much backed out Itanium too.
I'm sure contracts were signed, etc -- how this will turn out really depends on the black-n-white agreements which none of us are privy too.
Back in the sunny days of 1998, when Itanium was The Future For Everyone, IBM and SCO were in bed together.
There were working on "Project Monterey" which was to be a grand-ueber replacement for both UNIXWare and AIX running on IA64.
Then Itanium got delayed like four years, Linux got hot and IBM dumped SCO ass. I can understand if there's some hurt feelings and maybe even a few bent contracts.
Your history is off -- SCO existed before Xenix as a small independent Unix-oriented consulting group.
Microsoft (a tiny company back then) purchased the AT&T license and then contracted with SCO to develop XENIX. Microsoft attempted to sell licence it to IBM but ended up getting involved in OS/2 instead.
Xenix was then "sold" back to SCO in a deal that gave MS ownership, access to the books, and a per-copy royalty. Eventually SCO wiggled out of that.
I dunno. $25M means that IBM owns UNIX. And nobody can sue them for a billion dollars.
Then again, there might be anti-trust restrictions preventing IBM from doing so.
Anyone have an idea what Sun paid for their perpetual UNIX licence?
Generally when the story is on something that the readership knows something about (programming or sysadmin), the discussion is still good. Recent examples include Object Databases, the sendmail bug, high-end UNIX features missing from Linux.
OTOH, the umpteenth story about Microsoft business practices or "Your Rights Online" just invoke a bunch of canned comments. Recently they ran something like 4 MS stories in one day -- even the Jihad was getting tired.
Anyone who used Word vs WordPerfect and Lotus vs Excel back in the 1980s would know that Microsoft was doing the real user interface innovation (with help from a bunch of Xerox people they hired and a lot of influence from Apple).
WordPerfect and Lotus got popular because they were "expert interfaces" that were designed to not take up any screen space and appeal to keyboard jocks. Recall that you had to be a real hacker nerd to own a PC in the early days. (For example. someone added mouse support to 123 that was just bizarre -- it used button chording to enter commands, and was practically useless for editing cells.)
Word and Excel went the complete other direction with _good_ WIMP interfaces designed to make tasks easier without removing functionality. It was now actually possible to add a table or a graphic to your document without having a manual on your desk.
Training cost went through the floor, PCs got put on manager's desks, and there's now 100x as many PCs in the field as their used to be. Microsoft did that.
but I couldn't get Regedit to do anything but work on that installation's own Registry
1) Install 2nd copy of Windows in a different directory.
2) Use RegEdt32.exe instead of Regedit.exe.
3) Use File+Load Hive to open the other registry.
4) Edit, backup, restore at will
5) Unload the hive before exiting.
This was all documented in one of the resource kits.
Yup. It looks like Word has the exact same crappy modal formamting dialog boxes they've had since 1994. And, once again Excel's charting is identical to the stuff they put out in version 2 (1988).
Oh, but there's another variation on the toolbars and some more singing-n-dancing help screens.
Sometimes I wonder if Microsoft has lost the source and therefore is unable to any core features to Office. Or maybe they are scared shitless by the corporate training costs. Or maybe hiring more than 3 programmers would put a dent in the $Kajillion they make from Office every year.
Anyway, it would be nice if they at least took a look at Office for Mac and copied the formatting pallettes, and thought of a few "innovations" that aren't wizards or help features.
But I was arguing not the badness of IBM marketing, which is a given; I was arguing OS/2 technical superiority over MS-Win
Technical marketing and product positioning has everything to do with the goodness of the product's technology, because it determines what's in the box and what it's good for.
IBM was running around telling everyone that OS/2 was THE thing for connecting your PS/2s to your Mainframe, and then they were austounded when more universal purpose products like Windows kicked their ass, despite lacking "superiority" (which wasn't even true for NT).
In other words, by the time you spent the time and money getting OS/2 working properly, you could have bought something better. Like an AS/400 or a RS/6000. Which was probably IBM's evil master plan all along.
A great portion of those "terrible games" were from Atari themselves.
(Most of the 3rd party games were considered superior to the "certified" Atari titles. Stuff like Custers Revenge was too smalltime to matter)
Furthermore Atari forced retailers to buy those terrible games in order to get the good ones. That lead to a massive over-inventory of cartridges, which was one of the huge factors contributing to the crash.
The big difference now days is not so much certification (because 80% of everything is crap and always will be), but the fact that the console companies are very aggressive about inventory control. They get old games off the shelf and new games onto the shelf. Just the opposite of what Atari did.
Virtual PC previously showed up as the 16-bit emulator in early versions of NT for RISC. It might be useful on 64-bit platforms like Itanium.
Well, Microsoft made all the same coding errors the Unix people did, but that wasn't really an known issue back then.
Shit like NFS and NIS was seriously inferior to NT -- almost to it's benefit because nobody in the right mind would ever say that it was "secure". MS's hashed passwords, single login, ACLs, authenticated RPC, etc was superior -- just not superior enough to run over the Internet.
What MS missed was the underground trend in the Unix world to tighten up the technolgoy that was already in place -- better file permissions, services that don't require root, "secure by default", etc.
Are you malicious or just ignorant? Obviously SAA was part of the picture, But IBM OS/2 also has interoperability with Unix and the Net ...
... If you haven't come to the conclusion that OS/2's technical marketing was a clusterfuck from day 1, something's wrong.
The question was if IBM malicious or just ignorant.
His facts are correct. IBM tried to bury the i386 because they were worried about their midrange. This torpedoed OS/2 1.x and gave the entire project a "Loser" reputation long before Win 3.1 even shipped.
IBM also heavly marketed OS/2 as part of a Mainframe integration strategy, with it's special "Extended Edition", etc. And you would be hardpressed to find any significant OS/2 deployment that wasn't in a IBM mainframe shop.
This gave customers the impression of lock-in and that their Unix and Novell machines were second-class citizens in IBM's world -- Which they were. Windows NT shipped out-of-box with TCP/IP, IPX/SPX, AppleTalk, DECNet, you name it. IBM OS/2 2.0 shipped out of box with jackshit, and then made you pay for NetBEUI and pay some more (a lot more) for TCP/IP.
Not to mention that IBM themselves FUDded the idea of OS/2 on non-PS/2 hardware
Now I suspect at this point you are going to mention something about Warp 4.0 and so on, but trust me, OS/2 was already dead in the grave by then even at IBM.
Novell was very interested in clients -- DOS clients. The low-memory usage, stability, and performance of their DOS client was their #1 advantage.
Now Microsoft comes along with NT. Everyone knows they are targetting Novell directly with File&Print. Like Lotus and WordPerfect Novell is stuck with the 640K mentality and fear 32-bit systems. They also have 80% of the current market. Why should they help Microsoft eat their lunch by providing them a client?
Except it backfires -- MS not only reverse-engineers a NetWare client, they reverse engineer the NetWare Server. Now NT is a drop in replacement. Plus NT runs all those new TCP/IP services NetWare doesn't run. In 3 years it's all over.
As for IBM, the sad thing was that they tried to squash PowerPC when OS/2 failed to ship on it. Not that anyone would have really bought NT/PPC (see Alpha).
NT was designed in a pre-internet era
For example, the HUGE reliance on RPC for remote administration in place of timesharing access. (Which most NT admins don't even seem to know about anyway...)
It's not that they didn't think about networks -- networking is completely core to the system. But their entire philosophy is incompatible with the idea of untrusted networks like the Internet, and it's bit them in the ass over and over again. (to be fair, Unix has had many similar problems)
The place I was working at in 1994 stuck their NT 3.51 servers directly on the Internet so that users could login from home. When they were hacked, they yelped how Microsoft said it was "secure". MS just didn't have any sense of security outside of a LAN where you 'trusted' everyone anyway. (It turned out that many of the old LanMan exploits published in the 80s worked against NT.)
There was a simmering fight over whether OS/2 should be "Protected Mode Windows" or whether Windows should be "Presentation Manager for DOS". Since neither platform had that many users or developers at the time, it could have gone either way.
While they make this sound like a Gee Whiz revelation, but in fact Microsoft wanted Windows compatibility in OS/2 from the beginning and IBM wanted a unique API.
Since IBM wore the pants, they won the day originally. However this really bit them in the ass with the the subsequent popularity of Windows 3, because it was difficult to target OS/2, so software was either missing or dismissed as a poor Windows port.
Not that Win32 was a huge success in the early years either -- most software had to be run in the Win 3.1 emulation, and even MS themselves only belatedly produced a 32-bit version of Office and not much other software.
Well, if Foxnews took up 4 channels of ESPN, that would pretty much prove the "Vast, Right-wing Conspiricy", wouldn't it?