If inspiration and brilliance of design were not in some way important to people, we would all wear Mao suits or prison garb. Much more practical, you know. Easily interchangeable. No reason to have different designs just because there are two sexes.
Actually, what's most important to us is individuality. We like the fact that we're wearing something different from everyone else. We want what we wear to make a statement about our personality. If excellence of design were the primary criterion, we'd all be wearing the same clothes again -- those that were the best designed. But note that we're not.
On-seat power outlets for your laptop? Forget it.
Seatback TV screens? Not even close.
Comfy leather seats? Those are decadant luxuries of the West, don't you know.
None of these things are about creative and exciting design, either. They're about convenience, and adding additional features, and making the user comfortable. They're not exciting.
Carefully and thoughtfully and elegantly designed products are a good in and of themselves; millions of iPod users sense this even if they don't quite realize why.
The only iPod user among my friends is annoyed by his iPod's sharp edges, and is pissed off that it seems to have taken a dislike to some of his music, which it plays very rarely, while some of the tracks get played almost constantly. He also doesn't like the fact that the USB connector cover doesn't have anywhere to hold it like most other portable USB devices do, and is concerned that he'll probably lose it at some point.
In any event, we are not working in a factory, and when we work on computers all day, our comfort is essential. If the more creative software vendors realize this is most true on the Mac, and cater to it, it simply means I've chosen the right platform.
Comfort, sure. But comfort is about consistent user interfaces with logical layouts, and applications that behave predictably in all circumstances. Comfort is not getting pissed off with the computer because it let you close the application without prompting to save a document (I actually found an application being sold that did this the other day!). There are plenty of applications available for Windows that meet this standard, even if there are many that don't. It's all about finding the right ones.
Not at all. 'intuitive' and 'consistent' makes things easy to use, 'inspired' and 'exciting' makes people want to use them. All these factors contribute to productivity.
I have never, ever found a piece of software with a design that makes me want to use it (at least beyond the first 10 minute playing-around stage), except because the design was intuitive and consistent and let me do what I want easily.
And before you blame that on the Windows culture, I've used a wide variety of apps on Windows, Linux/KDE, Linux/GNOME, MacOS 9 and MacOS X.
Computers are a tool. 99.9% of people just use them to get a particular job done (that job is sometimes entertainment, but the computer's still being used as a tool, just as a fishing rod might be if your hobby's fishing). They don't care about how exciting the software they use is -- they just want it to help them do what they want to do, be that browse the web, play videos or audio tracks, write a novel, or whatever.
Is it just me that gets annoyed by misleading descriptions of how technology works, like this one:
A satellite positioning system tracked the cars' locations
No, devices attached to the cars tracked their own position using reference signals broadcast by satellites.
I suspect at least half the people reading the original sentence think that there's a satellite up there with a camera watching where the cars are and reporting back to some government HQ.
You can't enforce a trademark on a term that is a generic description of what you're selling. In this case, OS is a common abbreviation of Operating System, the only commonly accepted descriptive term of the kind of software Apple were selling, and 9 is clearly a version number in a format that is common practice for most software vendors, hence "OS 9" is not protectable -- it is a generic term that could be applied to the ninth major revision of any operating system.
Apple might have more luck in defending "OS X", though, as "X" is not part of a commonly used versioning scheme.
I believe, if you read the article, that what he was protecting was the application to toys (i.e. models of Stealth aircraft), which along with the $10 settlement Northrop Grumman agreed nod to get involved in.
Toys and sports goods are similar enough markets that he may have been able to get a judgement in his favour. Although history doesn't support the notion, he's sued 60 times and lost every single one according to the article.
Err, based on the fact that the way of programming the cards is actually documented well enough for open source drivers to be developed. Which was always a problem for earlier Stealth cards, because they were just about the only card available at the time with not enough information publically available for an open source driver to be written.
People are terrified of the law. I know I am; at any moment I could be sued and even if I win, it'll cost me thousands, with no way to recapture it. (And before a bunch of non-lawyers start demanding "loser pays", remember that "loser pays" just introduces other unfairnesses when the poor can't sue the rich.)
Bullshit. I live in a country (the UK) which has managed to avoid both problems. I don't fear being sued, because I know that if I am unfairly sued I will be compensated for my costs. However, I have had no trouble in the past sueing large companies who have breached contracts with me.
Having one's day in court is generally seen as a fundamental right, so judges are usually loathe to pull that trigger - you have to work at it pretty hard to get yourself declared a vexatious litigant in most places.
According to the article, he has sued people over this in excess of 60 times -- and lost in all cases. I'd say he's a vexatious litigant.
Yes. I've been a user on and off since '94, and have wasted away a lot of time on various groups.
It's practically impossible to comply and run a decent feed. Usenet is ephemeral anyway. Articles expire in days or weeks; and no single ISP could delete a post from every other server. And as I said, it did not originate with AOL, they have no authority to delete it from other servers.
Yes, but they could have complied with Ellison's actual request, which was to remove it from their own servers. And, legally speaking, were required to do so. Which was why, when they failed, they were sued.
MS's implementation of COM is to blame. For example, take a word file. It's a document. Yet. You can embedd "COM Objects" - really references or code to COM programs - in it.
That's OLE, not COM. OLE uses COM internally.
When that embedded object is referenced a program is started and given commands absent the users knowledge or intervention. When you insert a chart from an Excel spreadsheet in a Word document the path between data and code is blurred.
Not really. The code has to already be installed on the user's system for it to work.
When Word encouters a reference to that COM object a new program is started and the data feed to it. That's a huge security problem. Gigantic. Embedding of code inside documents is dangerous!
But it isn't code; it's data that's intended to be understood by a different program.
This is exactly how all those Outlook/Outlook Express problems got going. Why would a mail client execute the contents of a message? Because the difference between code and data has been blurred thanks to COM and MS.
Err... geenrally these have nothing to do with OLE, or COM. Most of the Outlook problems I'm aware of have been related to dodgy parsing of MIME headers causing the program to believe what it was loading was one data type (e.g. a sound file) when it was actually another (e.g. a script file). It then passed the data to the shell to execute, the shell realised it was a different type, so launched the application associated with the correct type (e.g. the script interpreter). No COM involved, no OLE involved, not even any ActiveX involved. A plain and simple case of the left hand not knowing what the right was doing.
Exactly the same problem could occur on any system that has (1) a way of associating document types with the application to process them [this applies to just about every modern desktop operating system], (2) has a script interpreter associated with its scripts [this is where the link breaks down for many systems] and (3) has an e-mail client that attempts to automatically play multimedia content [this is where everything else breaks down].
So MS's mistakes are:
1. Associating scripts with their interpreter for automatic execution. In Unix-like systems scripts are not generally associated with their interpreter by the user environment, but are executed directly by the OS. This is made possible by the execute bit in the filesystem and a header in the script file that identifies its interpreter.
MS's mistake here comes under the category in my original post of "the code was written without concern for security by people who didn't really understand how to make it secure." In this case, we're talking about the original authors of MS-DOS, and the person who decided while writing NT that backward compatibility with DOS in this matter was more important than security.
2. Making the e-mail client attempt to automatically play multimedia files when displaying the e-mail.
This is a stupid feature, but one that MS's marketing department probably thought would really appeal to the idiots^Wusers. It can be categorised in my original list under "too much emphasis on flexibility at the expense of security."
But, essentially, COM has nothing to do with this. OLE has nothing to do with this. The only thing even closely related to those which is involved is that of associating data files with applications used to manipulate them, and MS are hardly on their own in taking this step, and in itself it isn't a security problem.
In the purely realistic sense, it is not. People "execute" documents, data files, etc. They "invoke" commands on non-binaries, and the OS in turn takes an action which it supposes to do what the user wants.
Yes, but the same is true in almost every other system in common use today. Macs, Un*x with either KDE, CDE, Gnome or just about any other modern desktop, even strange-but-inherently-geeky systems like BeOS or RISC OS work like this. This is a common feature of almost all desktop operating systems, and to single Windows out for criticism because of it is, frankly, bizarre.
[NX] is unnecessary. Other OS's don't have the problems beacuse they are better designed and more simple. [...] I have a server with a stable configuration of OpenBSD.
OK, so you're running a server and comparing it with a complete desktop OS. It's hardly surprising that the desktop system is more complex; it has to cope with a lot more possible use scenarios, not to mention the fact that user friendliness is much, much more important to it. These things do come with a cost.
Oh, and you do know that NX was implemented first in OpenBSD, don't you. Except it's called W^X there. It's part of the reason OpenBSD is so secure -- on most platforms a buffer overrun cannot cause code execution.
At this time in tech history, I think it's to a writer's advantage to give away their work online, and that it actually helps sales of paperbacks and hardbacks. I put my money where my mouth is and my first novel, Star Dragon (Tor 2003), is available for free download from my site under a Creative Commons license. That's a decision that I made and my editor has supported. I hope it helps me generate sales at the milli-Ellison level or better.
Thanks. I'm actually downloading it right now; it's good to be able to read some work by new people so that I can learn whether I like it or not. I discovered Charlie Stross, David Weber and Mercedes Lackey like this, and I hope your story can come close to some of theirs.:)
Out of interest, who is your editor? I'm wondering whose desk I should aim to get my novel manuscript onto, you see.;)
I checked Amazon and found that your novel, "Star Dragon" is ranked 400,000 place with only 4 customer reviews. Tell me again why free distribution helps new authors?
You do know that the percentage of SF books still in print after 2 years is rather low, don't you? Books tend to only sell many copies in the first 6 months to a year after their release. If you want to continue selling after that, you need to keep interest alive by having another novel published that's more successful...
Also, for this to do much good, we have to hear about his novel before we can download it. Then, well, it might not improve sales of this one -- I'm going to download it now, having just heard about its availability for the first time, but I'm unlikely to buy it. I might watch for his next one and buy that, though, if I like it. It's a good way of raising your profile.
He made a deal with the guy who posted the files, the person who directly and knowingly violated his copyright, so he would give evidence against AOL, which WAS NOT the news server the files were posted from, merely one which carried the newsgroup with deep pockets.
And refused (or rather, incompetently failed) to remove the material when requested to do so, thus losing their legal protection against such things. His stance on AOL was entirely fair, I believe.
Is there any slashdotters that really hold Ellison high for his works? I had a paperback of some of his short tales and I just couldn't get into it.
Ellison ain't for casual reading, that's certain. Try some of his screenplays if you can't get into his stories: there are several episodes of the original Outer Limits series that he wrote; "Demon with a Glass Hand" is often considered the best, and is frequently cited as an important source of the inspiration for "The Terminator".
Also, some of his best work is in things he has edited, rather than written. The anthology, "Dangerous Visions" is considered by many to be a groundbreaking point in the world of SF short stories. I hear he is also a good friend of Joe Straczynski's and was highly influential in the writing of B5.
I'd hardly call 4 in California, 4 in Virginia, 2 in Maryland, 2 in Europe and 1 in Japan "well distributed". "Clustered in a few places" would be more accurate.
Because this is nothing new. You can achieve the same effects with LD_PRELOAD on Linux, or by installing your own ActiveX classes in place of some of MS's in the Windows registry, or, probably, with quite a few other techniquees.
The only real difference is that the dynamic OO framework of OSX makes it easier to achieve useful results with it. Malicious ones are easy enough with the existing frameworks on other platforms.
The point, besides your nitpicking know-it-all attitude is that MS's lack of data/code seperation has lead to nasty NX hacks and processor tricks to solve a problem that other OS's don't have.
But data and code are as separate on Windows as they are on any other OS. The problem with Windows has nothing to do with this. The largest problems are:
1. Much of the code was written without concern for security by people who didn't really understand how to make it secure. This lead to things like the RPC service buffer overflow.
2. There has been too much emphasis on making the system easy to use at the expense of security. This lead to things like the default password issue in SQL server, which originated a worm of its own.
3. There has been too much emphasis on flexibility at the expense of security. This led to MS Word viruses, and is possibly the closest to your point.
4. The system has been marketed on the basis that any idiot can use it. While this is true, any idiot can also use it to download and run malicious code without knowing it. There should have been more user education.
5. The system has blurred distinctions between outward facing components (e.g. Internet Explorer's DHTML implementation) and restricted-access inward facing ones (e.g. the extended versions of Javascript that are used for internal scripting purposes only). This has led to many scripting and active-x based security holes, and has in fact prompted MS to switch off Javascript on the local machine by default in SP2. Entirely.
I don't see how COM is to blame for any of these. Or DDE. Or OLE. Or even ActiveX, which is a fine technology if used appropriately.
And NX isn't really a nasty hack, it's something that should have been present and in use from the beginning. And if you really think other OSs don't have any buffer overflows, you're living with your head in the sand. I've had a buffer overflow exploited on one of my Linux boxes before now, although fortunately the worm using it failed to install correctly because it was intended for systems with a different configuration to mine.
I didn't read the article, despite the fact that I usually do before posting (yeah, I know, there are a couple of us). Why didn't I do this? Well, because the summary made it sound particularly pointless and like something I already knew.
Perhaps the summary should have been more clearly written, if this is actually about new information.
Interestingly, he didn't post a pointer to his own advertising-filled site on this one. Maybe he forgot. Or maybe the editors are getting wise and stripping his links out.
Although I still don't know why this story got posted. Talk about pointing out the bloody-obvious to the converted.
1. You can't derive the arithmetic of the natural numbers from it. 2. There is at least one true proposition that isn't a theorem in the system (i.e. it's incomplete, hence the name of Goedel's theorem). 3. The system isn't consistent.
[...]
Note that nothing is said about humans versus machines, and there's no reason that humans aren't as subject to it as programs.
In fact, it's well known that humans aren't consistent.
If inspiration and brilliance of design were not in some way important to people, we would all wear Mao suits or prison garb. Much more practical, you know. Easily interchangeable. No reason to have different designs just because there are two sexes.
Actually, what's most important to us is individuality. We like the fact that we're wearing something different from everyone else. We want what we wear to make a statement about our personality. If excellence of design were the primary criterion, we'd all be wearing the same clothes again -- those that were the best designed. But note that we're not.
On-seat power outlets for your laptop? Forget it.
Seatback TV screens? Not even close.
Comfy leather seats? Those are decadant luxuries of the West, don't you know.
None of these things are about creative and exciting design, either. They're about convenience, and adding additional features, and making the user comfortable. They're not exciting.
Carefully and thoughtfully and elegantly designed products are a good in and of themselves; millions of iPod users sense this even if they don't quite realize why.
The only iPod user among my friends is annoyed by his iPod's sharp edges, and is pissed off that it seems to have taken a dislike to some of his music, which it plays very rarely, while some of the tracks get played almost constantly. He also doesn't like the fact that the USB connector cover doesn't have anywhere to hold it like most other portable USB devices do, and is concerned that he'll probably lose it at some point.
In any event, we are not working in a factory, and when we work on computers all day, our comfort is essential. If the more creative software vendors realize this is most true on the Mac, and cater to it, it simply means I've chosen the right platform.
Comfort, sure. But comfort is about consistent user interfaces with logical layouts, and applications that behave predictably in all circumstances. Comfort is not getting pissed off with the computer because it let you close the application without prompting to save a document (I actually found an application being sold that did this the other day!). There are plenty of applications available for Windows that meet this standard, even if there are many that don't. It's all about finding the right ones.
Not at all. 'intuitive' and 'consistent' makes things easy to use, 'inspired' and 'exciting' makes people want to use them. All these factors contribute to productivity.
I have never, ever found a piece of software with a design that makes me want to use it (at least beyond the first 10 minute playing-around stage), except because the design was intuitive and consistent and let me do what I want easily.
And before you blame that on the Windows culture, I've used a wide variety of apps on Windows, Linux/KDE, Linux/GNOME, MacOS 9 and MacOS X.
Computers are a tool. 99.9% of people just use them to get a particular job done (that job is sometimes entertainment, but the computer's still being used as a tool, just as a fishing rod might be if your hobby's fishing). They don't care about how exciting the software they use is -- they just want it to help them do what they want to do, be that browse the web, play videos or audio tracks, write a novel, or whatever.
Is it just me that gets annoyed by misleading descriptions of how technology works, like this one:
A satellite positioning system tracked the cars' locations
No, devices attached to the cars tracked their own position using reference signals broadcast by satellites.
I suspect at least half the people reading the original sentence think that there's a satellite up there with a camera watching where the cars are and reporting back to some government HQ.
You can't enforce a trademark on a term that is a generic description of what you're selling. In this case, OS is a common abbreviation of Operating System, the only commonly accepted descriptive term of the kind of software Apple were selling, and 9 is clearly a version number in a format that is common practice for most software vendors, hence "OS 9" is not protectable -- it is a generic term that could be applied to the ninth major revision of any operating system.
Apple might have more luck in defending "OS X", though, as "X" is not part of a commonly used versioning scheme.
I believe, if you read the article, that what he was protecting was the application to toys (i.e. models of Stealth aircraft), which along with the $10 settlement Northrop Grumman agreed nod to get involved in.
Toys and sports goods are similar enough markets that he may have been able to get a judgement in his favour. Although history doesn't support the notion, he's sued 60 times and lost every single one according to the article.
For everything else, there are lawyers.
And you'll be hearing from ours shortly. Thanks.
Mastercard Legal Department.
Err, based on the fact that the way of programming the cards is actually documented well enough for open source drivers to be developed. Which was always a problem for earlier Stealth cards, because they were just about the only card available at the time with not enough information publically available for an open source driver to be written.
People are terrified of the law. I know I am; at any moment I could be sued and even if I win, it'll cost me thousands, with no way to recapture it. (And before a bunch of non-lawyers start demanding "loser pays", remember that "loser pays" just introduces other unfairnesses when the poor can't sue the rich.)
Bullshit. I live in a country (the UK) which has managed to avoid both problems. I don't fear being sued, because I know that if I am unfairly sued I will be compensated for my costs. However, I have had no trouble in the past sueing large companies who have breached contracts with me.
Having one's day in court is generally seen as a fundamental right, so judges are usually loathe to pull that trigger - you have to work at it pretty hard to get yourself declared a vexatious litigant in most places.
According to the article, he has sued people over this in excess of 60 times -- and lost in all cases. I'd say he's a vexatious litigant.
Do you know anything about Usenet?
Yes. I've been a user on and off since '94, and have wasted away a lot of time on various groups.
It's practically impossible to comply and run a decent feed. Usenet is ephemeral anyway. Articles expire in days or weeks; and no single ISP could delete a post from every other server. And as I said, it did not originate with AOL, they have no authority to delete it from other servers.
Yes, but they could have complied with Ellison's actual request, which was to remove it from their own servers. And, legally speaking, were required to do so. Which was why, when they failed, they were sued.
D'oh. Submitted before I'd finished.
MS's implementation of COM is to blame. For example, take a word file. It's a document. Yet. You can embedd "COM Objects" - really references or code to COM programs - in it.
That's OLE, not COM. OLE uses COM internally.
When that embedded object is referenced a program is started and given commands absent the users knowledge or intervention. When you insert a chart from an Excel spreadsheet in a Word document the path between data and code is blurred.
Not really. The code has to already be installed on the user's system for it to work.
When Word encouters a reference to that COM object a new program is started and the data feed to it. That's a huge security problem. Gigantic. Embedding of code inside documents is dangerous!
But it isn't code; it's data that's intended to be understood by a different program.
This is exactly how all those Outlook/Outlook Express problems got going. Why would a mail client execute the contents of a message? Because the difference between code and data has been blurred thanks to COM and MS.
Err... geenrally these have nothing to do with OLE, or COM. Most of the Outlook problems I'm aware of have been related to dodgy parsing of MIME headers causing the program to believe what it was loading was one data type (e.g. a sound file) when it was actually another (e.g. a script file). It then passed the data to the shell to execute, the shell realised it was a different type, so launched the application associated with the correct type (e.g. the script interpreter). No COM involved, no OLE involved, not even any ActiveX involved. A plain and simple case of the left hand not knowing what the right was doing.
Exactly the same problem could occur on any system that has (1) a way of associating document types with the application to process them [this applies to just about every modern desktop operating system], (2) has a script interpreter associated with its scripts [this is where the link breaks down for many systems] and (3) has an e-mail client that attempts to automatically play multimedia content [this is where everything else breaks down].
So MS's mistakes are:
1. Associating scripts with their interpreter for automatic execution. In Unix-like systems scripts are not generally associated with their interpreter by the user environment, but are executed directly by the OS. This is made possible by the execute bit in the filesystem and a header in the script file that identifies its interpreter.
MS's mistake here comes under the category in my original post of "the code was written without concern for security by people who didn't really understand how to make it secure." In this case, we're talking about the original authors of MS-DOS, and the person who decided while writing NT that backward compatibility with DOS in this matter was more important than security.
2. Making the e-mail client attempt to automatically play multimedia files when displaying the e-mail.
This is a stupid feature, but one that MS's marketing department probably thought would really appeal to the idiots^Wusers. It can be categorised in my original list under "too much emphasis on flexibility at the expense of security."
But, essentially, COM has nothing to do with this. OLE has nothing to do with this. The only thing even closely related to those which is involved is that of associating data files with applications used to manipulate them, and MS are hardly on their own in taking this step, and in itself it isn't a security problem.
In the purely realistic sense, it is not. People "execute" documents, data files, etc. They "invoke" commands on non-binaries, and the OS in turn takes an action which it supposes to do what the user wants.
Yes, but the same is true in almost every other system in common use today. Macs, Un*x with either KDE, CDE, Gnome or just about any other modern desktop, even strange-but-inherently-geeky systems like BeOS or RISC OS work like this. This is a common feature of almost all desktop operating systems, and to single Windows out for criticism because of it is, frankly, bizarre.
[NX] is unnecessary. Other OS's don't have the problems beacuse they are better designed and more simple. [...] I have a server with a stable configuration of OpenBSD.
OK, so you're running a server and comparing it with a complete desktop OS. It's hardly surprising that the desktop system is more complex; it has to cope with a lot more possible use scenarios, not to mention the fact that user friendliness is much, much more important to it. These things do come with a cost.
Oh, and you do know that NX was implemented first in OpenBSD, don't you. Except it's called W^X there. It's part of the reason OpenBSD is so secure -- on most platforms a buffer overrun cannot cause code execution.
podcast has to be the most idiotic word EVER. It's just a fucking mp3 download!!!
Actually, it's a subscription-based syndicated audio article.
At this time in tech history, I think it's to a writer's advantage to give away their work online, and that it actually helps sales of paperbacks and hardbacks. I put my money where my mouth is and my first novel, Star Dragon (Tor 2003), is available for free download from my site under a Creative Commons license. That's a decision that I made and my editor has supported. I hope it helps me generate sales at the milli-Ellison level or better.
:)
;)
Thanks. I'm actually downloading it right now; it's good to be able to read some work by new people so that I can learn whether I like it or not. I discovered Charlie Stross, David Weber and Mercedes Lackey like this, and I hope your story can come close to some of theirs.
Out of interest, who is your editor? I'm wondering whose desk I should aim to get my novel manuscript onto, you see.
I checked Amazon and found that your novel, "Star Dragon" is ranked 400,000 place with only 4 customer reviews. Tell me again why free distribution helps new authors?
You do know that the percentage of SF books still in print after 2 years is rather low, don't you? Books tend to only sell many copies in the first 6 months to a year after their release. If you want to continue selling after that, you need to keep interest alive by having another novel published that's more successful...
Also, for this to do much good, we have to hear about his novel before we can download it. Then, well, it might not improve sales of this one -- I'm going to download it now, having just heard about its availability for the first time, but I'm unlikely to buy it. I might watch for his next one and buy that, though, if I like it. It's a good way of raising your profile.
Gerrold, of course, is an author who also frequently gets the "who?" reaction, despite having written possibly the best loved Science Fiction story, ever.
:)
I keep intending to read some of the Chtorr(sp?) books, but keep putting it off. I want to be certain he'll finish the series first.
He made a deal with the guy who posted the files, the person who directly and knowingly violated his copyright, so he would give evidence against AOL, which WAS NOT the news server the files were posted from, merely one which carried the newsgroup with deep pockets.
And refused (or rather, incompetently failed) to remove the material when requested to do so, thus losing their legal protection against such things. His stance on AOL was entirely fair, I believe.
Is there any slashdotters that really hold Ellison high for his works? I had a paperback of some of his short tales and I just couldn't get into it.
Ellison ain't for casual reading, that's certain. Try some of his screenplays if you can't get into his stories: there are several episodes of the original Outer Limits series that he wrote; "Demon with a Glass Hand" is often considered the best, and is frequently cited as an important source of the inspiration for "The Terminator".
Also, some of his best work is in things he has edited, rather than written. The anthology, "Dangerous Visions" is considered by many to be a groundbreaking point in the world of SF short stories. I hear he is also a good friend of Joe Straczynski's and was highly influential in the writing of B5.
I'd hardly call 4 in California, 4 in Virginia, 2 in Maryland, 2 in Europe and 1 in Japan "well distributed". "Clustered in a few places" would be more accurate.
Because this is nothing new. You can achieve the same effects with LD_PRELOAD on Linux, or by installing your own ActiveX classes in place of some of MS's in the Windows registry, or, probably, with quite a few other techniquees.
The only real difference is that the dynamic OO framework of OSX makes it easier to achieve useful results with it. Malicious ones are easy enough with the existing frameworks on other platforms.
The point, besides your nitpicking know-it-all attitude is that MS's lack of data/code seperation has lead to nasty NX hacks and processor tricks to solve a problem that other OS's don't have.
But data and code are as separate on Windows as they are on any other OS. The problem with Windows has nothing to do with this. The largest problems are:
1. Much of the code was written without concern for security by people who didn't really understand how to make it secure. This lead to things like the RPC service buffer overflow.
2. There has been too much emphasis on making the system easy to use at the expense of security. This lead to things like the default password issue in SQL server, which originated a worm of its own.
3. There has been too much emphasis on flexibility at the expense of security. This led to MS Word viruses, and is possibly the closest to your point.
4. The system has been marketed on the basis that any idiot can use it. While this is true, any idiot can also use it to download and run malicious code without knowing it. There should have been more user education.
5. The system has blurred distinctions between outward facing components (e.g. Internet Explorer's DHTML implementation) and restricted-access inward facing ones (e.g. the extended versions of Javascript that are used for internal scripting purposes only). This has led to many scripting and active-x based security holes, and has in fact prompted MS to switch off Javascript on the local machine by default in SP2. Entirely.
I don't see how COM is to blame for any of these. Or DDE. Or OLE. Or even ActiveX, which is a fine technology if used appropriately.
And NX isn't really a nasty hack, it's something that should have been present and in use from the beginning. And if you really think other OSs don't have any buffer overflows, you're living with your head in the sand. I've had a buffer overflow exploited on one of my Linux boxes before now, although fortunately the worm using it failed to install correctly because it was intended for systems with a different configuration to mine.
It was all balled up, like string. And if you could jump from one piece to another...
No, sorry, wrong thread.
I didn't read the article, despite the fact that I usually do before posting (yeah, I know, there are a couple of us). Why didn't I do this? Well, because the summary made it sound particularly pointless and like something I already knew.
Perhaps the summary should have been more clearly written, if this is actually about new information.
Interestingly, he didn't post a pointer to his own advertising-filled site on this one. Maybe he forgot. Or maybe the editors are getting wise and stripping his links out.
Although I still don't know why this story got posted. Talk about pointing out the bloody-obvious to the converted.
1. You can't derive the arithmetic of the natural numbers from it.
2. There is at least one true proposition that isn't a theorem in the system (i.e. it's incomplete, hence the name of Goedel's theorem).
3. The system isn't consistent.
[...]
Note that nothing is said about humans versus machines, and there's no reason that humans aren't as subject to it as programs.
In fact, it's well known that humans aren't consistent.