Re: Expanding on KB 244600?

"Ian" <Ian@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:EF268353-38B0-4663-A6B5-E35DECB9700F@xxxxxxxxxxxxxxxx
OK it's an old post but couldn't resist having my say:

Thinking back to those days, the majority of Win3.1/95 networks used
Netware. This was a very different beast from either Windows Servers or
Linux; for a start it was designed from the outset as a server and not a
server-come-workstation. Since there was never any intention of Tom, ***
or
Harry fooling-around at its keyboard, there was no great need for OS
security. On user-accessible volumes the permissions were designed around
the
tasks that typical office-users perform, instead of being primarily there
for
the use of programmers. That meant they worked in a way that users could
understand.

Netware was a hideously expensive product for what it did, but the fact
that it did that job so well kept it selling right into the NT era.

Looking at the current state of computing, what's desperately needed is a
slimming-down and rationalisation of software into manageable units.

Sadly, Vista (which we might've hoped would be a more streamlined OS)
seems
to be a departure in the exact opposite direction, with massive bloat and
huge levels of complexity. Complexity that makes the overall security of
the
system hard to gauge, because few people even understand it.. Considering
that most ordinary users still barely use - or even understand- 10% of
what
Windows 95 offered, is this the right way to go to achieve secure
computing?
I don't think so.


Interesting history trip. I would agree that the all, everything, plus
kitchen sink,
approach has well-known problems, and a lesson that appears not learned, in
fact not learned pretty much anywhere. With so many of the problems in
systems
(not just Windows) stemming from the need to carry legacy forward, one would
think it might occur to someone that the kitchen sink approach will have a
very
large footprint into the future ("but we cannot drop that - someone might be
using it").
I hope the approach being taken with factoring and with Longhorn will show
that there is an alternative. IIS 7 is a great example where full
minimization to
task has been taken to heart. The redesign of the network stack's hooks for
firewall/IPsec if good. At this point, I am hoping more will follow the
model.

--
ra


.