"I can only assume that you are refering to hardware memory management units that are in a lot of processors and make things easier but you have misunderstood that modern operating systems can run properly on processors without a MMU."
Very old OS's can also run properly without a MMU, it's not due to any recent advance in OS design. But neither the old nor the new OS's can protect against a malicious program if the hardware doesn't support it.
"It usually employs hardware (i.e. a memory management unit) and system software to allocate distinct memory to different processes and to handle exceptions arising when a process tries to access memory outside its bounds."
In other words, both hardware support and system software are required to implement it. There's nothing to support your argument there.
"You don't need a memory management unit to run several current versions of BSD, uClinux and several current real time operating systems."
Yes there are many Os's without good security, but so what?
"It is harder for the operating system to do and takes cycles - but it's not as if it is anything that wasn't done before Microsoft even started. "
You just don't get it. Without hardware support, a program can write to memory anywhere and the OS won't even know what happened. In many cases you could effectively kill the OS with just one instruction to disable interrupts.
"At least I'm getting trolled on work time by a guy that has paid slashot for the privelege"
Ah, finally. I know when the troll card is played against me, I've won the argument.
Of course, the 286 wasn't the processor used when DOS and Windows was first designed and no version of *nix required backward compatbility with DOS or Windows, so it really has nothing to do with the issue.
I suggest you go off quietly and think about the implications of a single address space that is available to all programs, why that is a security issue and why this problem can't be solved in software.
Well, assuming a system is secure because it's "closed" doesn't sound like the level of security one usually associates with US defense agencies. But my point wasn't to bash the Internet creators but to show that any system that is taken out of it's orginal environment may enocounter unexpected problems.
The "job" a network is supposed to perform is a function of its requirements. So your link just illustrates that they didn't include security in their requirements. So what?
If MS says that security isn't part of their requirements, does it mean we don't have security problems because both the network and the OS are doing what they were designed to do?
"That said, when Microsoft first chiseled out Windows there was plenty of secure OS features and controls already out in the field and they *chose* not to implement them"
Perhaps you don't understand how these secure OS features are implemented or you don't know the Windows timeline. Windows was first designed to run on a 8088. The 8008 is not capable of enforcing any execution privileges, so everything effectively runs as "root" and nothing can be done about it.
"part of the reason AOL even existed was the lack of TCP tools on the PC platform"
No. AOL was just the last succesfull commercial dial-up proprietary BBS. These BBS had value because a lot of content was available in one place with tools to help you find what you want without a lot of technical knowledge. AOL was available for the PC in 1991 and two years later there were only 200 http sites in the entire world.
So having TCP avalable on the PC would not have have eliminated the value of AOL and the companies that proceeded them.
"I think it's better to create a moderately 'insecure' system (What exactly is insecure about the Internet's infrastructure anyway?) than to impose a grand overly complex security scheme on it to find it becomes a hinderence later (20 years later for example)."
That sounds quite compatible with MS's approach. The difference is that you acknowlege the value of trade-offs in the Internet design, but deny it for MS's design.
Sure, but even now you couldn't implement standard Unix security on the PC platform that DOS and Windows started with because the hardware didn't support it. Also at the time DOS and Windows were created Unix was just one among many OS's and wasn't considered a standard.
As I said elsewhere, MS could have more easily avoided legacy security issues by giving up backward-compatibility, but that would have been a very dumb business move.
"Microsoft has the ablility and market position which guarantee to some extent they can re-write their OS every few years and make billions doing it."
If they wanted to write a brand new OS that wasn't compatible with Windows and had no inherited security issues or inherited market value they could, but they wouldn't be making billions doing it.
Those who designed the Internet were also overly optimistic about the true nature of people and didn't really consider security issues either.
I really don't blame either group. If they had considered all possible future needs prior to creating an implementation they'd still be working on it today and Slashdot would be a pen-pal club.
My point is that one should expect more problems in the beta of a major OS release like Vista than in a relatively simple application like Gmail. Given the narrow scope and low complexity of the kinds of applications Google writes, it would be a mistake to draw any conclusions about how useful their development practices would be to other organizations.
As far as stability is concerned, I've seen Gmail hang many more times than I've seen XP hang.
"Hey, if home depo regularly kills people due to poor shelving practices (falling knives), and dip-n-dots manages to synthesize amazing ice cream out of thin air and solar power, I think it's fair to start drawing comparisons."
Huh?
"Regardless, the point is that a functioning product that still calls itself "beta" shouldn't be used as an argument against the software development practices that spawned it."
One could certainly make a case for your position, but not by comparing software as unrelated in scope and function as Vista and Gmail. Neverthless, Google has called these applications Beta and shouldn't be surprised or offended if people assume that Google knows what the word means and used it appropriately.
Of course, you make the assumption that the people they hire have these qualities. The percentage of people who wash-out of the hiring process is not a good predictor of the quality of those who are eventually selected.
A hiring process (if it's methodically applied) is really an algorithm for selecting people with certain traits and abilities. It would take several years of followup to determine the quality of the algorithm, but it's rarely done. I'm probably giving Google too much credit though. I suspect that their process isn't that well defined.
"Compare Vista Beta to Gmail Beta. Not all Beta is created equal."
And neither are all software projects. I can't imagine what possible benefit one could derive from comparing Vista to Gmail. It's like comparing home depot to a dip-n-dots ice cream stand.
"Brainwashed in what way(s)? I got the impression Google succeeds b/c it has a lot of creative, innovative techies. "
See, it even works outside the company. How do you know that Google employees are so great? Why, because Google whispers it to you subliminally through their hiring stunts.
"I can only assume that you are refering to hardware memory management units that are in a lot of processors and make things easier but you have misunderstood that modern operating systems can run properly on processors without a MMU."
Very old OS's can also run properly without a MMU, it's not due to any recent advance in OS design. But neither the old nor the new OS's can protect against a malicious program if the hardware doesn't support it.
Let's take a look at that 2nd sentance shall we?
"It usually employs hardware (i.e. a memory management unit) and system software to allocate distinct memory to different processes and to handle exceptions arising when a process tries to access memory outside its bounds."
In other words, both hardware support and system software are required to implement it. There's nothing to support your argument there.
"You don't need a memory management unit to run several current versions of BSD, uClinux and several current real time operating systems."
Yes there are many Os's without good security, but so what?
"It is harder for the operating system to do and takes cycles - but it's not as if it is anything that wasn't done before Microsoft even started. "
You just don't get it. Without hardware support, a program can write to memory anywhere and the OS won't even know what happened. In many cases you could effectively kill the OS with just one instruction to disable interrupts.
"At least I'm getting trolled on work time by a guy that has paid slashot for the privelege"
Ah, finally. I know when the troll card is played against me, I've won the argument.
Clearly backward compatibility was a goal MS had and it works well enough for most applications.
If you want to understand the role that hardware plays I suggest you start here:
http://en.wikipedia.org/wiki/Memory_protection
Of course, one significant difference between VMS and NT is that the former didn't need to be backward compatible with older versions of Windows.
Of course, the 286 wasn't the processor used when DOS and Windows was first designed and no version of *nix required backward compatbility with DOS or Windows, so it really has nothing to do with the issue.
Well, if I were standing in it, I'd cough too.
Perhaps you should consider how this is accomplished.
I suggest you go off quietly and think about the implications of a single address space that is available to all programs, why that is a security issue and why this problem can't be solved in software.
So you don't know that it's hardware than makes it possible to have different privilege levels in an OS?
Well, assuming a system is secure because it's "closed" doesn't sound like the level of security one usually associates with US defense agencies. But my point wasn't to bash the Internet creators but to show that any system that is taken out of it's orginal environment may enocounter unexpected problems.
The "job" a network is supposed to perform is a function of its requirements. So your link just illustrates that they didn't include security in their requirements. So what?
If MS says that security isn't part of their requirements, does it mean we don't have security problems because both the network and the OS are doing what they were designed to do?
"you could do it then at the inception of Windows"
Sorry, but you're absolutely wrong. Go study early PC hardware and you'll discover why.
"That said, when Microsoft first chiseled out Windows there was plenty of secure OS features and controls already out in the field and they *chose* not to implement them"
Perhaps you don't understand how these secure OS features are implemented or you don't know the Windows timeline. Windows was first designed to run on a 8088. The 8008 is not capable of enforcing any execution privileges, so everything effectively runs as "root" and nothing can be done about it.
"part of the reason AOL even existed was the lack of TCP tools on the PC platform"
No. AOL was just the last succesfull commercial dial-up proprietary BBS. These BBS had value because a lot of content was available in one place with tools to help you find what you want without a lot of technical knowledge. AOL was available for the PC in 1991 and two years later there were only 200 http sites in the entire world.
So having TCP avalable on the PC would not have have eliminated the value of AOL and the companies that proceeded them.
"I think it's better to create a moderately 'insecure' system (What exactly is insecure about the Internet's infrastructure anyway?) than to impose a grand overly complex security scheme on it to find it becomes a hinderence later (20 years later for example)."
That sounds quite compatible with MS's approach. The difference is that you acknowlege the value of trade-offs in the Internet design, but deny it for MS's design.
"By comparison, the Internet as a whole has come to grips with the security need a bit more completely than Microsoft."
Coming "to grips with the security" sounds a lot like a virus scanner style approach. What has been done to solve the Internet's security issues?
Sure, but even now you couldn't implement standard Unix security on the PC platform that DOS and Windows started with because the hardware didn't support it. Also at the time DOS and Windows were created Unix was just one among many OS's and wasn't considered a standard.
As I said elsewhere, MS could have more easily avoided legacy security issues by giving up backward-compatibility, but that would have been a very dumb business move.
"Microsoft has the ablility and market position which guarantee to some extent they can re-write their OS every few years and make billions doing it."
If they wanted to write a brand new OS that wasn't compatible with Windows and had no inherited security issues or inherited market value they could, but they wouldn't be making billions doing it.
Those who designed the Internet were also overly optimistic about the true nature of people and didn't really consider security issues either.
I really don't blame either group. If they had considered all possible future needs prior to creating an implementation they'd still be working on it today and Slashdot would be a pen-pal club.
My point is that one should expect more problems in the beta of a major OS release like Vista than in a relatively simple application like Gmail. Given the narrow scope and low complexity of the kinds of applications Google writes, it would be a mistake to draw any conclusions about how useful their development practices would be to other organizations.
As far as stability is concerned, I've seen Gmail hang many more times than I've seen XP hang.
"Hey, if home depo regularly kills people due to poor shelving practices (falling knives), and dip-n-dots manages to synthesize amazing ice cream out of thin air and solar power, I think it's fair to start drawing comparisons."
Huh?
"Regardless, the point is that a functioning product that still calls itself "beta" shouldn't be used as an argument against the software development practices that spawned it."
One could certainly make a case for your position, but not by comparing software as unrelated in scope and function as Vista and Gmail.
Neverthless, Google has called these applications Beta and shouldn't be surprised or offended if people assume that Google knows what the word means and used it appropriately.
Of course, you make the assumption that the people they hire have these qualities. The percentage of people who wash-out of the hiring process is not a good predictor of the quality of those who are eventually selected.
A hiring process (if it's methodically applied) is really an algorithm for selecting people with certain traits and abilities. It would take several years of followup to determine the quality of the algorithm, but it's rarely done. I'm probably giving Google too much credit though. I suspect that their process isn't that well defined.
"Compare Vista Beta to Gmail Beta. Not all Beta is created equal."
And neither are all software projects. I can't imagine what possible benefit one could derive from comparing Vista to Gmail. It's like comparing home depot to a dip-n-dots ice cream stand.
Whether he uses the word "Methodology" or not he's really promoting the Google methodology. I wonder which stupid people he's targeting.
"Brainwashed in what way(s)? I got the impression Google succeeds b/c it has a lot of creative, innovative techies. "
See, it even works outside the company. How do you know that Google employees are so great? Why, because Google whispers it to you subliminally through their hiring stunts.