I did run AdAware and SpyBot once, but they were able to find nothing. And going with the bad analogies, I do lock the safe; it's called running as a normal user. Things like Process Explorer tell me what's inside.
Besides, if the kernel is compromised properly, even a malware detector can't help you. Nothing short of booting from trusted media can.
Sure, if you took the radiator cap off the car (against manufacturer guidelines), thereby crippling the cooling system, I would expect the car to die every other day. This is basically what it's like to run Windows as admin all the time. Microsoft recommends the use of a non-admin user for normal use. Now, it does suck that you have to install the cap after buying the car (create a non-admin user after installation), but it isn't that hard, either.
And as for software that requires admin just to run, that would be like driving on a road that requires you to take the cap off by ordinance before you can enter. There isn't a good reason for either.
Well considering they wrote some of them, I'd say that is their fault.
Yeah, a few of MS's own apps do have this problem. This does not, however, make it the operating system's fault.
Also, they set up the system and its defaults in previous versions, software vendors just coded following MS's best practices, which have now changed, breaking many applications.
The version of Windows that has had compatibility handed down comes from version 1.0. It ran on top of DOS and had zero security, which was standard for PCs at the time. Version 2 had to be compatible with 1 and so on. If at any point MS broke compatibility, no one would upgrade because all their current apps would also break. This is not an excuse for software developers to continue to write crappy software. If they were writing to the best practices introduced 11 years ago with Windows NT 3.1, this wouldn't be a problem.
until MS stops making users administrators by default.
Let's say that Windows FX is released tomorrow. The default user is not an administrator. Joe User tries to install ANY of his apps, but it doesn't work because there is some annoying error box that keeps popping up. He assumes that it is incompatible, tells his friends that none of their software will work on FX, newspapers publish the same and normal users avoid upgrading. If Joe can't create a normal user and use that, how do you expect him to understand what it means to be a normal user by default? And here is the root of the problem: there are too many Joe Users that don't know the first thing about computer security, and it shows.
No usable paradigm can be immune to stupidity and ignorance.
People don't follow Microsoft's recommendations. MS says to not run as admin, but people do anyways. MS tells developers not to require admin to run programs, but listen not. These are not unreasonable instructions but are still ignored. It's too much work in the short term. That would be like people overloading the car despite the car manufacturer putting in clear print in the manual to not overload the vehicle, naming the limit, with instructions on how to distribute weight. People see all the empty space and pack as much crap into the car as possible, drive with underinflated tires (also warned against in the manual) and then are surprised when the tires blow out as the car flips over while driving 80mph and sue. Who is at fault here?
I'm not sure that the analogy ever had any sensibility. Living in Brazil on a friendly beach is like being in a secure, closed LAN. It has nothing to do with the OS. Something relating to the OS would have to be different with the person, but is naked in both.
Once configured, and it isn't that hard, I don't worry about it anymore. I'm talking about both Linux and Windows.
Do you have to buy a separate device to make anything else you own function normally?
Who said anything about requiring a hardware firewall? There are free software firewalls, XPSP2 even comes with one.
Enabling the built in firewall breaks many applications. Running as a non-admin breaks many applications.
How is it Microsoft or Windows's fault that third party applications that never worked correctly in the first place break when proper security measures are taken? Would it be Linux's fault if Quicken2008 for Linux required root and caused a big security problem? I don't call a program that requires admin or open ports just to run, working correctly.
I run Windows without extras, and I have never had a virus, worm or malware infection. Windows does not need any of them when used correctly. No, the defaults are not as secure; defaults can be changed. You shouldn't be doing day-to-day stuff as admin or root regardless of the OS; that Windows lets you by default is not an excuse. A *NIX box can take just as long to configure properly. Note also that this process can be automated for both OSes: see unattended installation for Windows.
Clothes or not, going to a bad part of Detroit and annoying the locals at 3AM will get you in trouble. In your analogy, what would Linux be? How would it survive Detroit?
So why isn't it properly configured out of the box? Other systems are. Why not Windows (pre SP2)?
I don't know. I wouldn't say that SP2's defaults are that great, either. Bad defaults do not make the entire OS bad, however. It does make it unsuitable for use by incompetent individuals.
A computer is a commodity, to be used by a variety of users, where only a little part of them are capable of 'break the shell into little unprivileged sandboxes'. I know that I'm not.
Marketing says it's a commodity that anyone can use without having to know anything about how it works. I don't believe it, certainly not with current Windows defaults. The jury is still out on other OSes until they have the masses of ignorant users who want functionality and compatibility way over security with manufacturers willing to give it to them. This is the free market: customers get what they think they want even when it isn't good for them. If a UNIX had the same defaults that Windows has (root for all), apparently to pacify programmers whose programs need root and users who don't understand what that even means, it would be just as insecure. No other OS has been able to get this kind of market share, and I think Windows's crappy defaults and emphasis on compatibility are an important reason for this. For another OS to take its place, it would either have to do the same thing or somehow make up for it some other way. A different OS won't magically make its users competent or be secure whilst maintaining the compatibility, convenience and functionality that users demand.
About breaking the shell up, I mean to log on as an unprivileged user and use RunAs or SU to start a little piece of the shell, setup or config program when necessary as admin. It'd also be nice if you use the above to run IE as a separate normal user, although switching to Firefox would be better. Potentially three pieces of the shell: desktop, admin and IE.
No, it is not. There are Windows users with 50% more IQ than you or me, yet they still get pwned.
OK, by stupid I meant not competent to run Windows securely. Saying stupid was inaccurate and excessive.
Windows is a tool of necessity. I have to use Windows at work, since it is all that is offered. I bitch and complain a lot about this and get heard only a little. So I'm stuck with it.
Do you have local admin to your workstation? If not, you aren't at much risk to malware (in my experience) and if so, make a local user for normal use. I'm sorry that you have to use something you don't want to, but such is life.
Windows NT was built ground up as a multi-user system. Newly detected volumes are mounted automatically by default, but you still need read access on the corresponding device object (usually \Device\Cdrom0) to read a cd. The default gives everyone that access. The main difference is that NT's defaults are weaker, which can be changed.
I was under the impression that the automounter doesn't care who is logged on since it can be hard to determine.
Your analogy doesn't fit well. What do the security guards and heater represent? How about clothing? This implies that all OSes are the same inside (same naked human body) but others have clothing on the outside.
The first thing to do is not run the shell as admin, a step which is considered standard to other OSes. Just because it's default doesn't mean you have to follow it in ignorance. It's surprising how little malware will run without admin access. Normal users can't install things for anyone but themselves, and then only if you give them access to do that, or otherwise affect other users.
As for which is easier, I'd say that all OSes take some setup to get them working the way you want. How much depends on how far what you want is from the default. Changing the OS entirely is sure to make a much larger impact in the long run than proper configuration on installation.
That is the problem. Incompetent computer owners and those[1] who would encourage their ignorance. Windows is a popular tool of the stupid to screw up their computers.
Windows is not the problem. It can be just as secure if you know what you are doing. I run Windows, don't run a virus scanner, any anti-adware programs, or have paranoia about the internet. I have never had a virus, worm, or malware installation. Unfortunately, good information and good tools to secure Windows can be hard to come by.
Windows security is like this: the underlying design of kernel and system is excellent, the implementation of these is good, Win32 is usable, and the shell is a security disaster. That's why I break the shell into little unprivileged sandboxes that can't hurt themselves or others.
Once configured properly, it can be quite secure.
1. When I say those contributing to the problem, I mean the app developers whose programs require admin access just to run, company admins that give their users full admin access without even trying to investigate more granularity, and companies that advertise their computers as ready-to-use-out-of-the-box-no-knowledge-necessary, and leave the system wide open to attack.
Windows boxes are just as difficult to set up correctly. The problem is that many people wrongly believe that it is easier and that novices can do it correctly, which leaves a great deal of mal-configured Windows boxes.
Windows isn't susceptible to malware, if you know what you are doing. Judging from the quantities of infected machines, there seem to be a lot of incompetent computer owners.
What are you talking about? Internet Explorer is a 100% user mode shell environment. It is not, has never been, and never will be integrated into the kernel, or given special hooks or privileges. All of the entry points into the kernel are exported by ntdll.dll. Tell me which of those functions hooks IE into the kernel. The objects you would need to control to take over the system are kernel objects which IE plays no part in managing. Since the Win32 server moved into kernel mode (in NT4), it has its own system function table, and none of those functions are a part of IE either.
Show me ONE malware program that can install itself for all users when only a normal user runs it.
SRP is set up ahead of time, by an administrator. It does not ask you if you want to run something. If it is allowed, it runs. If it is not allowed, it pops up an error box whose only option is OK.
Still, I don't think there is a system in existence that can reliably protect itself from user incompetence and still give them full control over their machine.
I'm saying that all life forms need to procure energy in order to continue living, in other words, eat. The law of conservation of matter and energy requires this. Living costs energy. A life form that has lost all of its energy has starved to death. Therefore, it is the nature of all life to need to eat lest they die. Where else do you think they are going to get energy from?
Disease, if you thought instead of posting, is often the hunger of other organisms.
Which is nice, but irrelevant. Organism A is parasitic and causing disease for organism B. B is diseased, but A is eating. From A's perspective, A does not require B to live, so this disease is not required for A to live. From B's perspective, the fact that B's eating causes disease in A is immaterial because it is of no concern to B; B is not the one suffering the disease, so it doesn't matter. B is not required to be diseased to live. This does not refute my statement that disease is not required for an organism to live, but eating is.
Non-root users and software can't screw up your system (short of using a root exploit, and that generally requires malicious intent) so as soon as your child is done, (s)he logs out, you log in, and all your stuff is as you left it.
On Windows (NT based) non-admin users and software can't screw up your system (short of kernel exploit), so create separate (non-admin) accounts for your users. Each will have a separate profile insulated from all the others. If you have some crappy software that requires admin just to run, make a SU -C file (it's like what setuid does) for it.
Almost no malware can install without admin privileges (even then only for that one user). Normal users can't infect the system with a virus. Still, you may want to install Firefox anyways, for its other benefits.
Create a whitelist of hashes and paths for executables (exe, dll, vbs, cmd, bat, reg, etc.) you want to approve running; if it isn't on the list, it cannot be run.
Hunger is not a disease. Food is needed to sustain life regardless of the subject's health. It is inherent in their nature to require a source of energy.
It is necessary for all life to need food in the form of hunger, but is not necessary for it to become diseased. Birds can participate as a group in gathering food, something they must always do, but don't have any social services for treating of diseases. Each bird is on its own; if it can't recover, it dies without social remorse.
Note that I am not saying that we should live like the birds. I'm just trying to point out the difference.
In order for mod_dav to manage files, it must be able to write to the directories and files under its control using the User and Group under which Apache is running. New files created will also be owned by this User and Group.
There seems to be no support for having new files created as the user that logged on, far as I can tell. mod_dav does not handle authentication of logons itself, you have to use mod_auth_digest or mod_ssl, so it may not even be aware of what user is logged on.
I get the feeling that Apache was designed for providing uploads to clients only, not full scale IO, and that mod_dav is a bit of an afterthought for trusted users.
BTW: This mod (and Apache) specifically provide no support for quotas:
Another possible denial-of-service attack involves a client simply filling up all available disk space with many large files. There is no direct way to prevent this in Apache, so you should avoid giving DAV access to untrusted users.
What integrated hooks are you referring to in MSO?
MS Office has a program that (by default) loads at the same time as the shell does (after you log on) to precache binaries. This is the same thing that the OpenOffice.org Quickstarter does.
The only other thing that MSO does to load faster is that it uses common libraries that other programs, like the shell, use (like for OLE and COM) instead of re-inventing the wheel; something that OO.org can't do heavily because it would make them too dependent on a single platform, whose libraries they are not free to distribute.
What else could it be doing? Personally, I don't think either one starts very fast, but not intolerably slow either.
While, technically, you could probably come up with an OS design that used Win32 but excluded everything outside it (COM, ActiveX, etcetera), that OS doesn't exist and is unlikely to exist: Microsoft targets that part of the market with Windows CE.
And Windows XP Embedded; it uses the same binaries as normal XP but ALL the components are optional. Every component of the shell. Every driver. Even Win32 itself is optional. It's the add/remove programs system that XP never had (but should).
My position is that Windows, especially the shell, is quite bad at protecting a user from himself. But then again, how many operating systems targeted at consumer use are good at this by default? When strong security barriers are used (job objects, running as different users, sessions), a secure system is very attainable, although sometimes at the expense of compatibility.
From the massive size of the shell and mal-designed security features like security zones, the shell is not secure. The shell uses many different communication channels, most of which are securable (like COM over LPC) but there are just too many.
Beneath the shell is Win32: Win32 is dividable into neat little sandboxes. Each box has no security inside but is very well insulated from other boxes. These boxes are formed with desktop and window station objects and by jobs that use proper UI limits. Win32 can be secure if you use its security functions, which the shell and current apps do not.
To support Win32 there are a myriad of user mode services available across secure channels: LPC, with some RPC and SMB. Most of these services are optional: they can be turned off if not required to reduce attack area with a good amount of granularity, however a couple (RPC and remote LSA) can't be disabled; this is a problem. Also the fact that several insist that they must be run as SYSTEM, even when there doesn't seem to be a good reason is a problem.
Beneath these are the kernel and executive services. They use a modular object oriented system coordinated from a single component (the Object Manager). This part of the OS is very well designed IMO; it's very rarely the source of security problems.
The bottom line: NT has a lot of security potential, more than capable of securing the system, that higher layers (the shell), poor defaults, and average users do not make use of. They can, however, be used manually.
Average people with a Commodore just put the tape in, typed LOAD and pressed play, or put the disk in and typed LOAD"*",8,1. Or on an Apple, put the disk in and turn it on. If it didn't work they would have no idea why.
The people willing to enter long pages of code were not average. They were the hobbyists, enthusiasts and professionals. Average people were not smarter or more computer literate than they are today.
It's far more likely to work using configure and make than trying to shoehorn in some binaries.
There isn't anything that "make install" can do in an automated way that a package manager can't. Even if the package just included the source and used configure and make to install, that would be fine.
If you check Webster's,
So Webster's dictionary is the one true dictionary that defines English, but WordNet 2.0 from Princeton University, where I got my definition, is wrong and void?
It's pretty hard to make some things work (like certain VPN clients) when the kernel doesn't have some necessary function. The changes to network protocols between 2.4 and 2.6 are a prime example.
Kernel function requirements can be included as another dependency. Perhaps one that requires a distro-specific package to update. Kernel updates are not outside the scope of a package manager.
If you're really opposed to compiling your own or getting help from the authors, I'd suggest dual-booting the two distros. It's something many of us have to do while coexisting with Windows. Personally, I use two different machines to have two distros running.
Or use VMWare or Virtual PC, or even Bochs if necessary. Why do you need two different distros running? If it's so easy to configure and make...
It seems to me that you want to enforce the MS-one-size-fits-all way on FOSS, which makes no sense.
No, I'm complaining that trivial differences are preventing me from installing packages from other distros. I don't want all the distros to become the same, I want to have a standard package format that contains enough information that the environment-specific installer can figure out how to make it work on this computer. I want to have diversity and compatibility at the same time; I know it's possible. Conforming to interface standards does not require you to have a software monoculture. HTTP is a standard protocol, but there are many different programs that implement parts of it. Would you call the Internet a monoculture just because almost all services follow standard protocols like HTTP, FTP, SSH, SMTP and TCP? How many operating systems implement TCP?
Almost no malware can install without admin privileges (even then only for that one user). Normal users can't infect the system with a virus. Still, you may want to install Firefox anyways, for its other benefits.
No, a different shell environment. The current shell is the source of almost all security problems. IE is a big part of the shell.
Also, not giving normal users admin and demanding apps that work properly in that environment will get you a much more secure Windows than default.
Like Software Restriction Policies, which is already a part of XP and later?
Create a whitelist of hashes and paths for executables (exe, dll, vbs, cmd, bat, reg, etc.) you want to approve running; if it isn't on the list, it cannot be run.
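As an added illustration (not code from any of the posts, and not how Software Restriction Policies is implemented), the following Python model shows the default-deny decision described above: an administrator defines hash and path rules ahead of time, and an executable-type file runs only if one matches. The `Policy` class, the use of SHA-256, the sample paths and the `weak_path_rules` audit are assumptions made for the example; the audit goes slightly beyond the post by flagging path rules that overlap a directory a normal user can write to, since anything dropped there would inherit the rule.

```python
import hashlib
import ntpath  # Windows path semantics, usable on any platform

# File types the policy treats as executable (the list given in the post).
DESIGNATED_EXTS = {".exe", ".dll", ".vbs", ".cmd", ".bat", ".reg"}


def norm(path):
    """Collapse '..' segments and unify separators and case before matching."""
    return ntpath.normcase(ntpath.normpath(path))


def sha256(data):
    """Hex digest used as the hash-rule identifier (SHA-256 is an assumption)."""
    return hashlib.sha256(data).hexdigest()


class Policy:
    """Default-deny allowlist: a file runs only if a hash or path rule matches."""

    def __init__(self, allowed_hashes, allowed_dirs):
        self.allowed_hashes = set(allowed_hashes)
        self.allowed_dirs = [norm(d).rstrip("\\") for d in allowed_dirs]

    def decide(self, path, content):
        """Return (allowed, reason). There is no prompt: the answer is final."""
        p = norm(path)
        if ntpath.splitext(p)[1] not in DESIGNATED_EXTS:
            return (True, "not an executable type")
        if sha256(content) in self.allowed_hashes:
            return (True, "hash rule")
        if any(p.startswith(d + "\\") for d in self.allowed_dirs):
            return (True, "path rule")
        return (False, "not on the list")


def weak_path_rules(policy, user_writable_dirs):
    """Return path rules that overlap a directory a normal user can write to."""
    writable = [norm(d).rstrip("\\") for d in user_writable_dirs]
    weak = []
    for rule in policy.allowed_dirs:
        for w in writable:
            inside = rule == w or rule.startswith(w + "\\")
            contains = w.startswith(rule + "\\")
            if inside or contains:
                weak.append(rule)
                break
    return weak


# Constructed sample data: bytes standing in for a vetted tool, and a policy
# an administrator might define (paths are illustrative).
TRUSTED_TOOL = b"constructed bytes standing in for a vetted tool"
POLICY = Policy(
    allowed_hashes={sha256(TRUSTED_TOOL)},
    allowed_dirs=[r"C:\Program Files", r"C:\Windows"],
)

if __name__ == "__main__":
    samples = [
        (r"C:\Users\joe\Downloads\tool.exe", TRUSTED_TOOL),
        (r"C:\Users\joe\Downloads\tool.exe", b"something else"),
        (r"C:\Program Files\App\app.exe", b"any bytes"),
        (r"C:\Program Files\..\Users\joe\dropped.exe", b"any bytes"),
        (r"C:\Users\joe\Downloads\notes.txt", b"plain text"),
    ]
    for path, content in samples:
        print(path, "->", POLICY.decide(path, content))
```
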
-Adaptation is possible
-Adaptation cannot cross some arbitrary boundary
-You call the species barrier
-Which you have not defined
How can anyone refute your position when it is so ambiguous? You might as well say that the boundary lies just beyond any examples anyone can provide.