by mlw

I was talking with a friend about Linux the other day and was asked "Why is
Linux more secure than Windows?" The answer to that question is, of
course, quite complex. It has much to do with design choices made by
Microsoft vs those made by open source/free software camps.

The analogy that best fits the question is a fictional "Microsoft door 1.0."
It opens as you walk towards your home. It allows you quick entry even when
you have bags of groceries. It seems like a god send to the soccer mom and
involved father. Unfortunately, it also has a tendency to open for
burglars. M$ Door 2.0 sports a greater security, it requires facial
recognition. Unfortunately Door 2.0's facial recognition doesn't work as
well as it needs to, so people default to 1.0 functionality leaving the
premises unprotected. M$ Door 2.0sp1 adds voice recognition locking,
unfortunately, the test routine "open sesame" opens all M$ Doors. M$ Door
2.0 SP2, touted as "rock solid" fails to open for anyone. And so on and so
on and so on.

The real problem is that a door is a protective device, it should
provide an amount difficulty to gaining entrance. Yea, sure, it would be
nice to have all the conveniences, but the idea you are circumventing one
of the primary purposes of a locked door for convenience doesn't make
sense.

The real solution that M$ Door is meant to provide but at a loss of
security can be achieved, the "Linux way," with a small sun porch and a
small table on which to rest your bags while you get your keys.

Think about this, the analogy may seem a bit silly at first, but the
difference is that M$ Door tried to make your life easier by trying to
replace or eliminate tried and true security with untested and flawed
security methods. whilst the "Linux way" tries to make dealing with
established security methodologies easier.

Can there be improved security? Of course there can, but it takes design and
testing to really understand the weaknesses of a system. M$ has a habit of
releasing APIs and methodologies well before they are completely thought
out. Worse yet, these poorly design systems are pushed on to MSDN
developers as the future. After initial acceptance of the new APIs, flaws
are found, and viola! A new exploit is born.

The problem is that the new exploit isn't a bug, it is worse, it is an
opportunistic use of a poorly done and haphazardly addopted API. There are
so many of these in Windows that it can never be as secure as people wish
it were. A user level program will always be able to do damage to a
Windows session or the whole install unless and until Microsoft redesigns
every single API from the ground up, a move which will break countless
applications and limit its acceptance.

--

A fatal exception 0E has occurred at 0028:C000BD1D in VXD VMM(01) +
0000AD1D. The current application will be terminated.