You are clueless. Nothing about a digital signature system requires encryption. "Cryptography" refers to the broader field that encompasses the topic under discussion. Part of that field deals with digital signatures. These provide authenticity: i.e., proof that a message is actually from who it's purported to be from. Encryption is another, different part of the same field. It concerns providing confidentiality that prevents a message being observed. Another field is the study of digest algorithms, including keyed hashes. These provide integrity: i.e., proof that a message has not been tampered with. These are all separate and distinct areas, and you are conflating them. A keyed hash is not a digital signature system.
Do that when the signature doesn't match. No need for encryption.
The only thing that's important here is ensuring that the browser, on behalf of the user, is the only one that can write the manifest to disk. There's no harm in other applications reading the state of the manifest
And that's *precisely* why encryption is pointless here: it provides confidentiality and nothing else, and we've already established that the plugin list is not confidential.
My interpretation was in the spirit of intellectual charity, not arrogance; i.e., I gave you the benefit of the doubt, employing the only interpretation that makes any sense.
Encryption without authentication is worthless. Either you're using symmetric encryption and you make the user enter the password every time the browser wants to read the plugin list (or worse, store the key on disk), or you're using asymmetric encryption and creating a message that can be decrypted by a given public key is simple.
Encryption *and* authentication is pointless in this case because the browser needs to be able to decrypt plugin information at all times using only information in persistent storage. Encryption does not provide any security properties in this context.
So we're left with authentication itself being the task at hand, which I assumed is what you meant. But instead of having an adult conversation about the issue, you have a temper tantrum. I'm through.
Encrypt the list of enabled plugins with a user password
"Encryption" is the wrong word here. What we're talking about is digital signing. The way it would work is that upon installation, the browser would generate a public-private keypair, encrypt the private key with a password of the user's choice, and save the resulting public key and encrypted private key to persistent storage.
At all times, the browser would store the list of enabled plugins and sign it with the encrypted private key. Nobody can generate a valid signature for a list of enabled plugins without the password, and the browser will not use a plugin list unless it comes with a valid signature.
All this is fine as far as it goes, but it'll only work until our malicious plugin installer patches the browser binary and makes it skip the key check; the malware could also replace both the public and the private key with replacements of its choosing. Either way, the user may or may not eventually notice that something is wrong, but if he does, it probably won't be a while, and he probably won't be able to track the malfunction back to the evil installer.
Malware vendors can also wait for the user to type his password when installing a different plugin, then use that password to generate a valid signature for a plugin list that includes anything desired.
The moral is that applications still need to be sandboxed. They're not protected from each other. Without OS-level protection, applications can do horrible things (often without needing elevated privileges at all). Half-measures aren't the answer.
The browser has to somewhere remember that a user approved an extension. It does this by writing state to disk. A malicious extension installer can simply modify this saved state to make the browser think the user installed and approved the payload. The same goes for a startup message advertising extensions that have been installed since the last browser run.
You can't win this fight without OS involvement. The correct solution is application-level sandboxing, which quite a few people are working on.
Blame? Who said anything about blame? Moralizing and pointing fingers doesn't accomplish anything. I don't begrudge the rich for taking advantage of their access to the levers of power. Human nature is immutable.
Ideally, we'd align incentives so that actions taken in self interest benefit all. Unfortunately, we don't have that incentive structure today. If we want to remedy that situation, we need to convince or force those currently in power to be more egalitarian; it just so happens that the people in power today (as is usually the case) are the ultra-wealthy.
Another point is to consider the efficient market hypothesis and the relative competence of people. If our system allocated resources efficiently, then the variance in personal incomes should match the variance of intrinsic talent. Consider software development: this field is highly unusual because some people can be an order of magnitude more productive than others.
In most fields, the gap is far smaller. Yet income disparity in the United States is on the order of tens of orders of magnitude. The difference between the theoretical and actual figures can only happen if rent seeking is occurring: that is, that income disparity is so severe is a strong indicator that our market system, instead of being free, fair, and efficient, is actually corrupt.
Your class-baiting, "the pie can never grow, so the only way for anyone to enter the middle class is to take money from somebody else" clap-trap is embarassingly juvenile.
The pie is growing, but the wealthy are taking the vast majority of the increase:
In recent years, the statistics regarding income disparity in America have been startling. After-tax annual income for the bottom fifth of American households inched up just 6 percent form 1979 to 2005, according to the Congressional Budget Office. During that time, income for the middle fifth of households grew by a modest 21 percent, with much of that gain caused by women in many households working more hours. Over that same period, income for the top fifth of households jumped by an impressive 80 percent, while income for the top 1 percent more than tripled, soaring by 228 percent.
The wealth disparity itself is a problem, but worse is the corrosive effect this wealth has on our political structure: those with money and influence are increasingly able to purchase government policies that further increase their share of the pie even at the expense of the total size of the pie. It's a positive feedback loop: more wealth leads to more power, and more power leads to greater wealth. This feedback is why I'm so dour about our prospects: the cycle seems impossible to break.
The little things we agitate about today: censorship, abuse of copyright, overzealous airport security, our foreign wars, the loss of our manufacturing jobs, are all caused by the increasing ability of the wealthy to pervert government to work in their favor. When power is concentrated in a few hands, the result is inevitably selfish exercise of that power and poor outcomes.
I'm impressed: I couldn't squeeze that many fallacies into the same sentence if I tried. You're arguing that poor people aren't productive, and that the welfare state, with its progressive taxation, is "slavery"? You're really arguing that people who make millions would be less "productive" if taxed at a higher rate? If you're posting on Slashdot, it's exceedingly likely that you are not wealthy enough for our current plutocratic policies to work in your favor.
You illustrate my point perfectly: you've been convinced by the propaganda of the ultra-wealthy and their lapdogs to argue (and presumably, vote) against your own economic interests and damn our country in the process.
I'm afraid you're right. The maldistribution of income in the United States is now worse than it was in the 1920s before the crash, worse than it was for most Latin American countries during their "banana republic" phases, and worse than it was for the Weimar Republic. A disgusting excess of wealth accumulated at the top has distorted our political system, making government insensible to the needs of the common people. This Internet censorship is just a tiny example of the ongoing decay of our society. Growing corruption and socioeconomic leads to civil unrest, and eventually, a violent revolution.
Revolutions are not pretty things. While there have been a few good outcomes (e.g., the American Revolution), the vast majority of post-revolutionary governments end up being oppressive theocracies (Iran [a perversion of the original intent]), violent tyrannies (France, the Bolsheviks), or fascist nightmare states (Germany, Italy, Spain). All were belligerent, and all led to war.
In the 1930s, we dodged lightning. FDR was a visionary who managed to head off a growing revolutionary movement by using public works programs, social security, and the rest of the "new deal" to improve the life of the common man. If we'd elected another Hoover, we would have most likely had a fascist revolt.
Today, we're not so lucky, and we have all the ingredients for a political hellstorm: severe and ostentatious socioeconomic inequality; rampant corruption in all branches of government; a climate of anti-intellectualism; and millions of angry, ignorant, and powerless people eager to hang their hats on whatever demagogue gives them the best scapegoat and massages their egos to his (or her) greatest advantage. It's a powder keg.
The revolution may not come tomorrow, next week, or next year, but barring a political miracle, it is coming. And when it does, the most reactionary, unstable, and angry elements of our society will control a military more powerful than the rest of the world combined and enough nuclear weapons to turn every city in the world to glass that glows in the dark. Napoleon and the fascist states of the mid-20th century had nothing on our power. God help us, and God help the world.
The mechanism to accomplish what you state is called an injunction. If party A is doing something that harms party B and the cessation of the activity cannot wait until trial, party B asks a judge to issue a temporary injunction. A and B show up in court, and if the judge believes B, he orders A to stop under penalty of contempt of court.
That's how due process is supposed to work. Note that both parties have their say. What the DHS did is not due process.
It looks like a security boundary, acts like a security boundary, and smells like a security boundary. It is a security boundary as far as application developers and user are concerned. Even the terminology involved ---- "elevation", "integrity level", and so on --- suggests this interpretation. Claiming after the fact that "it was never intended as a security boundary" is just an exercise in weasel working.
UAC isn't there because we want to deal with it. If it isn't a security boundary, what's the goddamned point? If there are known holes MS refuses to fix, black hats will use these holes, and you might as well turn UAC off and avoid the inconvenience.
Yet a huge number of technology people are opposed to both organized labor and government regulation, all in the name of libertarianism? And you vote Republican?
Oh, get real. We're talking about a few hundred dollars per seat. It's not unreasonable to pay that every few years for a tool you use to make your living. If you own a business, you pay more than that for artificial lighting.
If by "socialism", you mean having the kind of lifestyle that the citizens of France, Norway, Britain, Holland, Sweden, Belgium, Germany, Switzerland, and Italy enjoy, then I am a socialist.
So they could have started then... and as a member of the right, I WISH THEY WOULD HAVE. Not because the open partisanship would have cost them votes, because I don't think it would have given how reviled the right had become by 2006, but because we need an open an honest government. However, neither party wants that, they both want a closed, powerful government even if it means they take turns owning the keys.
Neither ideology's policies have really been tried! 41 of the 100 senators can kill any bill. The result is a debilitating inability to pass legislation in order to respond to circumstances. Any legislation that does manage to pass does so only after its supporters remove any half-objectionable policy provisions and load the bill up with bribes for each of the 10 opposition-party senators who have to vote for it. Neither party can reform anything this way. With nobody at the controls of the ship of state, it's little wonder our civil society has decayed. What little governance remaining comes in the form of increasingly brazen executive action, and that's deeply unhealthy for any democracy.
Eliminate the filibuster. Let whichever party is in control actually govern, and give that party a fair shot at improving our lot.
Now, as a liberal, I feel that conservative and libertarian policies would be disastrous, but I'd rather endure them for a few years so that voters would see how awful they are. Having seen what conservatism really means, voters would put progressives into office and keep them there, where they could do some good.
Frankly, I wish the Republicans had invoked the "nuclear option" a few years ago. In that world, without the filibuster, the Democrats would have been able to pass another New Deal and actually start the work of healing the country.
They really are past their sell-by date, and the few who have principles (Kucinich comes to mind) need to put some respectful distance between the rest of the chumps, endorse Nader (or someone like him) and start work on a progressive, thinking version of the Tea Party.
And split the liberal ticket so that conservatives win? No, thanks. A third party is not the right approach in any country in which Duverger's Law applies.
The proper venue to drag the Democratic party, kicking and screaming, in a more progressive direction is the primary. We don't need a party filled with Kucinich clones. Instead, we need to fill the Democratic Party with Kucinich clones. Only the latter has a chance in hell of working.
Bullshit. This false equivalence between the parties is fueled by conservative media outlets, and it's designed to frustrate voters so they skip the polls entirely, allowing the vote be dominated by the right-wing base.
If you want to see the difference between the parties, just compare the Bush keys to the legislation that was passed by the House over the past two years. A lot of that didn't make it into law, but that's because of Republicans filibustering in the Senate, not Democratic malfeasance.
It really takes a special kind of stupidity to think "they're all the same" after 2000-2008. The Democrats aren't perfect, but by god, at least they don't yearn for a return to serfdom.
Ah, I see what you mean now. Yes, running as non-root, it's a PITA to get into directories without the read and execute bits set. Gconf doing that is very rude, and it should definitely stop. Have you filed a bug?
Firefox stores the vast majority of its configuration information in user profiles, not in the registry. It also uses its own COM system internally, not the one provided by Windows.
1) it is actually a highly organised structure of settings that if you took the time to understand it actually makes finding stuff very easy.
The real problem is that the registry's organization is that it:
Has too much hierarchy (what the hell is CurrentControlSet and why is it separate from the configuration for Windows?)
Leads to very, very long registry paths that are impossible to speak or write, and that make everyone's eyes glaze over.
Is inconsistent between system-wide and user-specific hierarchies
Not documented or explained very well.
In short, the registry's ontology is massively overengineered, which makes it imposing, opaque, and inconvenient. In practice, a shallow hierarchy with shorter paths would have worked much better; gconf is better in this respect.
Oh, lest I forget: making registry typed was a bad decision. Plain text is a lot easier to manipulate and a lot more consistent for developers and administrators. Is storing "1" really much worse than storing (DWORD)1? (The former is actually smaller if it's NULL-terminated!)
I really don't think storing simple strings in the registry would have hurt performance much either: the registry is explicitly intended for small, infrequently changing pieces of information. The serialization and unserialization aren't really much of a problem, and Microsoft could have provided convenience functions. If the registry were loosely typed, it'd be lot easier to expose it as an ordinary writeable and mountable* filesystem. As it is, the best you can do is read-only because there's no way to tell what type a key should have when it's written. You have to provide special juju for writing keys because of the typing nonsense.
I've seen a lot of configuration bugs in both the Windows and Unix worlds. I've never seen one caused by loose typing of Unix configuration information, and I've seen a lot of pain caused by strong typing of Windows configuration information.
* Yes, Windows can mount arbitrary filesystems in arbitrary places in its name heirarchy. Few people use this facility; personally, I keep everything under C:\ just like a Unix system.
The registry isn't bad because it's stored in binary form, or because it's heirarchical, or because it supports transactions, or because it has ACLs. These are good (or at least acceptable) things.
The registry is bad because it's global and forces a lot of configuration to be global as well. For example, COM components are registered globally, so only one DLL can be associatded with a class ID at a time. That's why you can only have one version of Internet Explorer installed on the same machine. Yes, users have their own registry subtress, but not every key can be configured under the user-specific heirarchy. Even a user-specific key can only have one value at a time for a given user. Unix systems, on the other hand, use environment variables to hold (or point to) configuration information, which results in a lot more flexibility.
Because registry values are global, application developers only consider the case of running one program at a time. If you want, say, two copies of Outlook, each with different settings, you'll need two separate users. A lot of programs don't even support multiple concurrent instances, which is maddening.
Another maddening side effect of the registry being global is that it's not possible to have the equivalent of NFS-mounted home directories under Windows. Say you have a domain user foo\bar on machines A and B. It's natural to want them to have the same %USERPROFILE% (read $HOME) on a fileserver somewhere, and on Unix, that works just fine. But under Windows, when the user logs into machine A, the system will lock ntuser.dat (the file containing the registry), which prevents the user logging in under machine B. Application-specific configuration files that are locked only during actual changes don't have this problem.
The global nature of the registry also makes it difficult to maintain application configuration: if you want to isolate the configuration information used by a program, you're essentially reduced to looking at procmon output and seeing what registry keys it touches. While in principle programs should limit themselves to storing information under HKLU\Software\Blah\..., in practice, they scatter stuff all over the registry, especially when they register COM stuff. You can't keep just, say, Word's configuration under version control.
When people say they hate the registry, what they mean is that they hate that Windows is not very well-modularized. Isolating one application's registry configuration is like removing one egg from an omelet.
A better model would have been to have application-specific registries, searched according to a PATH-like environment variable. In this scheme, when the system needed to, say, look up a COM class ID, it would just search each registry in sequence until it found the right one. Applications would simply store their configuration and registration information in their own registry, making management easy.
But like most Windows brain damage, this scheme wouldn't have worked on a 386SX with 4MB of RAM in 1995, which means it can't possibly be changed in 2010. As we all know, design decisions are irrevecorable and eternal (and I'm only half-joking).
Slashdot Mirror
You are clueless. Nothing about a digital signature system requires encryption. "Cryptography" refers to the broader field that encompasses the topic under discussion. Part of that field deals with digital signatures. These provide authenticity: i.e., proof that a message is actually from who it's purported to be from. Encryption is another, different part of the same field. It concerns providing confidentiality that prevents a message being observed. Another field is the study of digest algorithms, including keyed hashes. These provide integrity: i.e., proof that a message has not been tampered with. These are all separate and distinct areas, and you are conflating them. A keyed hash is not a digital signature system.
Do that when the signature doesn't match. No need for encryption.
And that's *precisely* why encryption is pointless here: it provides confidentiality and nothing else, and we've already established that the plugin list is not confidential.
My interpretation was in the spirit of intellectual charity, not arrogance; i.e., I gave you the benefit of the doubt, employing the only interpretation that makes any sense.
Encryption without authentication is worthless. Either you're using symmetric encryption and you make the user enter the password every time the browser wants to read the plugin list (or worse, store the key on disk), or you're using asymmetric encryption and creating a message that can be decrypted by a given public key is simple.
Encryption *and* authentication is pointless in this case because the browser needs to be able to decrypt plugin information at all times using only information in persistent storage. Encryption does not provide any security properties in this context.
So we're left with authentication itself being the task at hand, which I assumed is what you meant. But instead of having an adult conversation about the issue, you have a temper tantrum. I'm through.
"Encryption" is the wrong word here. What we're talking about is digital signing. The way it would work is that upon installation, the browser would generate a public-private keypair, encrypt the private key with a password of the user's choice, and save the resulting public key and encrypted private key to persistent storage.
At all times, the browser would store the list of enabled plugins and sign it with the encrypted private key. Nobody can generate a valid signature for a list of enabled plugins without the password, and the browser will not use a plugin list unless it comes with a valid signature.
All this is fine as far as it goes, but it'll only work until our malicious plugin installer patches the browser binary and makes it skip the key check; the malware could also replace both the public and the private key with replacements of its choosing. Either way, the user may or may not eventually notice that something is wrong, but if he does, it probably won't be a while, and he probably won't be able to track the malfunction back to the evil installer.
Malware vendors can also wait for the user to type his password when installing a different plugin, then use that password to generate a valid signature for a plugin list that includes anything desired.
The moral is that applications still need to be sandboxed. They're not protected from each other. Without OS-level protection, applications can do horrible things (often without needing elevated privileges at all). Half-measures aren't the answer.
This approach is doomed.
The browser has to somewhere remember that a user approved an extension. It does this by writing state to disk. A malicious extension installer can simply modify this saved state to make the browser think the user installed and approved the payload. The same goes for a startup message advertising extensions that have been installed since the last browser run.
You can't win this fight without OS involvement. The correct solution is application-level sandboxing, which quite a few people are working on.
Blame? Who said anything about blame? Moralizing and pointing fingers doesn't accomplish anything. I don't begrudge the rich for taking advantage of their access to the levers of power. Human nature is immutable.
Ideally, we'd align incentives so that actions taken in self interest benefit all. Unfortunately, we don't have that incentive structure today. If we want to remedy that situation, we need to convince or force those currently in power to be more egalitarian; it just so happens that the people in power today (as is usually the case) are the ultra-wealthy.
Another point is to consider the efficient market hypothesis and the relative competence of people. If our system allocated resources efficiently, then the variance in personal incomes should match the variance of intrinsic talent. Consider software development: this field is highly unusual because some people can be an order of magnitude more productive than others.
In most fields, the gap is far smaller. Yet income disparity in the United States is on the order of tens of orders of magnitude. The difference between the theoretical and actual figures can only happen if rent seeking is occurring: that is, that income disparity is so severe is a strong indicator that our market system, instead of being free, fair, and efficient, is actually corrupt.
The pie is growing, but the wealthy are taking the vast majority of the increase:
The wealth disparity itself is a problem, but worse is the corrosive effect this wealth has on our political structure: those with money and influence are increasingly able to purchase government policies that further increase their share of the pie even at the expense of the total size of the pie. It's a positive feedback loop: more wealth leads to more power, and more power leads to greater wealth. This feedback is why I'm so dour about our prospects: the cycle seems impossible to break.
The little things we agitate about today: censorship, abuse of copyright, overzealous airport security, our foreign wars, the loss of our manufacturing jobs, are all caused by the increasing ability of the wealthy to pervert government to work in their favor. When power is concentrated in a few hands, the result is inevitably selfish exercise of that power and poor outcomes.
I'm impressed: I couldn't squeeze that many fallacies into the same sentence if I tried. You're arguing that poor people aren't productive, and that the welfare state, with its progressive taxation, is "slavery"? You're really arguing that people who make millions would be less "productive" if taxed at a higher rate? If you're posting on Slashdot, it's exceedingly likely that you are not wealthy enough for our current plutocratic policies to work in your favor.
You illustrate my point perfectly: you've been convinced by the propaganda of the ultra-wealthy and their lapdogs to argue (and presumably, vote) against your own economic interests and damn our country in the process.
I'm afraid you're right. The maldistribution of income in the United States is now worse than it was in the 1920s before the crash, worse than it was for most Latin American countries during their "banana republic" phases, and worse than it was for the Weimar Republic. A disgusting excess of wealth accumulated at the top has distorted our political system, making government insensible to the needs of the common people. This Internet censorship is just a tiny example of the ongoing decay of our society. Growing corruption and socioeconomic leads to civil unrest, and eventually, a violent revolution.
Revolutions are not pretty things. While there have been a few good outcomes (e.g., the American Revolution), the vast majority of post-revolutionary governments end up being oppressive theocracies (Iran [a perversion of the original intent]), violent tyrannies (France, the Bolsheviks), or fascist nightmare states (Germany, Italy, Spain). All were belligerent, and all led to war.
In the 1930s, we dodged lightning. FDR was a visionary who managed to head off a growing revolutionary movement by using public works programs, social security, and the rest of the "new deal" to improve the life of the common man. If we'd elected another Hoover, we would have most likely had a fascist revolt.
Today, we're not so lucky, and we have all the ingredients for a political hellstorm: severe and ostentatious socioeconomic inequality; rampant corruption in all branches of government; a climate of anti-intellectualism; and millions of angry, ignorant, and powerless people eager to hang their hats on whatever demagogue gives them the best scapegoat and massages their egos to his (or her) greatest advantage. It's a powder keg.
The revolution may not come tomorrow, next week, or next year, but barring a political miracle, it is coming. And when it does, the most reactionary, unstable, and angry elements of our society will control a military more powerful than the rest of the world combined and enough nuclear weapons to turn every city in the world to glass that glows in the dark. Napoleon and the fascist states of the mid-20th century had nothing on our power. God help us, and God help the world.
If your side seems powerless and morale is low, a symbolic victory is better than none at all.
The mechanism to accomplish what you state is called an injunction. If party A is doing something that harms party B and the cessation of the activity cannot wait until trial, party B asks a judge to issue a temporary injunction. A and B show up in court, and if the judge believes B, he orders A to stop under penalty of contempt of court.
That's how due process is supposed to work. Note that both parties have their say. What the DHS did is not due process.
It looks like a security boundary, acts like a security boundary, and smells like a security boundary. It is a security boundary as far as application developers and user are concerned. Even the terminology involved ---- "elevation", "integrity level", and so on --- suggests this interpretation. Claiming after the fact that "it was never intended as a security boundary" is just an exercise in weasel working.
UAC isn't there because we want to deal with it. If it isn't a security boundary, what's the goddamned point? If there are known holes MS refuses to fix, black hats will use these holes, and you might as well turn UAC off and avoid the inconvenience.
Yet a huge number of technology people are opposed to both organized labor and government regulation, all in the name of libertarianism? And you vote Republican?
The world wonders.
Oh, get real. We're talking about a few hundred dollars per seat. It's not unreasonable to pay that every few years for a tool you use to make your living. If you own a business, you pay more than that for artificial lighting.
If by "socialism", you mean having the kind of lifestyle that the citizens of France, Norway, Britain, Holland, Sweden, Belgium, Germany, Switzerland, and Italy enjoy, then I am a socialist.
Neither ideology's policies have really been tried! 41 of the 100 senators can kill any bill. The result is a debilitating inability to pass legislation in order to respond to circumstances. Any legislation that does manage to pass does so only after its supporters remove any half-objectionable policy provisions and load the bill up with bribes for each of the 10 opposition-party senators who have to vote for it. Neither party can reform anything this way. With nobody at the controls of the ship of state, it's little wonder our civil society has decayed. What little governance remaining comes in the form of increasingly brazen executive action, and that's deeply unhealthy for any democracy.
Eliminate the filibuster. Let whichever party is in control actually govern, and give that party a fair shot at improving our lot.
Now, as a liberal, I feel that conservative and libertarian policies would be disastrous, but I'd rather endure them for a few years so that voters would see how awful they are. Having seen what conservatism really means, voters would put progressives into office and keep them there, where they could do some good.
Frankly, I wish the Republicans had invoked the "nuclear option" a few years ago. In that world, without the filibuster, the Democrats would have been able to pass another New Deal and actually start the work of healing the country.
And split the liberal ticket so that conservatives win? No, thanks. A third party is not the right approach in any country in which Duverger's Law applies.
The proper venue to drag the Democratic party, kicking and screaming, in a more progressive direction is the primary. We don't need a party filled with Kucinich clones. Instead, we need to fill the Democratic Party with Kucinich clones. Only the latter has a chance in hell of working.
Bullshit. This false equivalence between the parties is fueled by conservative media outlets, and it's designed to frustrate voters so they skip the polls entirely, allowing the vote be dominated by the right-wing base.
If you want to see the difference between the parties, just compare the Bush keys to the legislation that was passed by the House over the past two years. A lot of that didn't make it into law, but that's because of Republicans filibustering in the Senate, not Democratic malfeasance.
It really takes a special kind of stupidity to think "they're all the same" after 2000-2008. The Democrats aren't perfect, but by god, at least they don't yearn for a return to serfdom.
Ah, I see what you mean now. Yes, running as non-root, it's a PITA to get into directories without the read and execute bits set. Gconf doing that is very rude, and it should definitely stop. Have you filed a bug?
Firefox stores the vast majority of its configuration information in user profiles, not in the registry. It also uses its own COM system internally, not the one provided by Windows.
The real problem is that the registry's organization is that it:
In short, the registry's ontology is massively overengineered, which makes it imposing, opaque, and inconvenient. In practice, a shallow hierarchy with shorter paths would have worked much better; gconf is better in this respect.
Erm, what's wrong with "chmod og-rwx somedir/"? Any decent backup program should be able to deal with directories with unfriendly permissions.
Oh, lest I forget: making registry typed was a bad decision. Plain text is a lot easier to manipulate and a lot more consistent for developers and administrators. Is storing "1" really much worse than storing (DWORD)1? (The former is actually smaller if it's NULL-terminated!)
I really don't think storing simple strings in the registry would have hurt performance much either: the registry is explicitly intended for small, infrequently changing pieces of information. The serialization and unserialization aren't really much of a problem, and Microsoft could have provided convenience functions. If the registry were loosely typed, it'd be lot easier to expose it as an ordinary writeable and mountable* filesystem. As it is, the best you can do is read-only because there's no way to tell what type a key should have when it's written. You have to provide special juju for writing keys because of the typing nonsense.
I've seen a lot of configuration bugs in both the Windows and Unix worlds. I've never seen one caused by loose typing of Unix configuration information, and I've seen a lot of pain caused by strong typing of Windows configuration information.
* Yes, Windows can mount arbitrary filesystems in arbitrary places in its name heirarchy. Few people use this facility; personally, I keep everything under C:\ just like a Unix system.
The registry isn't bad because it's stored in binary form, or because it's heirarchical, or because it supports transactions, or because it has ACLs. These are good (or at least acceptable) things.
The registry is bad because it's global and forces a lot of configuration to be global as well. For example, COM components are registered globally, so only one DLL can be associatded with a class ID at a time. That's why you can only have one version of Internet Explorer installed on the same machine. Yes, users have their own registry subtress, but not every key can be configured under the user-specific heirarchy. Even a user-specific key can only have one value at a time for a given user. Unix systems, on the other hand, use environment variables to hold (or point to) configuration information, which results in a lot more flexibility.
Because registry values are global, application developers only consider the case of running one program at a time. If you want, say, two copies of Outlook, each with different settings, you'll need two separate users. A lot of programs don't even support multiple concurrent instances, which is maddening.
Another maddening side effect of the registry being global is that it's not possible to have the equivalent of NFS-mounted home directories under Windows. Say you have a domain user foo\bar on machines A and B. It's natural to want them to have the same %USERPROFILE% (read $HOME) on a fileserver somewhere, and on Unix, that works just fine. But under Windows, when the user logs into machine A, the system will lock ntuser.dat (the file containing the registry), which prevents the user logging in under machine B. Application-specific configuration files that are locked only during actual changes don't have this problem.
The global nature of the registry also makes it difficult to maintain application configuration: if you want to isolate the configuration information used by a program, you're essentially reduced to looking at procmon output and seeing what registry keys it touches. While in principle programs should limit themselves to storing information under HKLU\Software\Blah\..., in practice, they scatter stuff all over the registry, especially when they register COM stuff. You can't keep just, say, Word's configuration under version control.
When people say they hate the registry, what they mean is that they hate that Windows is not very well-modularized. Isolating one application's registry configuration is like removing one egg from an omelet.
A better model would have been to have application-specific registries, searched according to a PATH-like environment variable. In this scheme, when the system needed to, say, look up a COM class ID, it would just search each registry in sequence until it found the right one. Applications would simply store their configuration and registration information in their own registry, making management easy.
But like most Windows brain damage, this scheme wouldn't have worked on a 386SX with 4MB of RAM in 1995, which means it can't possibly be changed in 2010. As we all know, design decisions are irrevecorable and eternal (and I'm only half-joking).