[LINK] Animated cursor flaw in All Windows

[Adrian Chadd]

On Wed, Apr 04, 2007, Kim Holburn wrote:

> >The month of apple bugs showed Apple is capable
> >of the same kinds of bugs that pop up in Windows software.
> 
> The month of apple bugs shows that people are doing stuff to make it  
> more secure.  This is a good thing.

There's stuff being done to Windows to make it more secure; thats a good thing.
I've locked up MacOS/X's UI by screwing up my UI design in interface builder
and routing messages in a loop - interesting DoS. I wonder if it still works..

> The critical problem with MS OS's is the default settings and the  
> capability of launching almost anything by clicking on it or worse  
> just viewing it, making everything easy for non-techie users.  A good  
> and secure OS can be may insecure with bad defaults.

Actually, they've flipped the balance back over to too many questions with
Windows.

> Consider: linux mostly insists that you run everyday operations as a  
> non-privileged user.  Windows doesn't allow you to do lots of things  
> like run many applications as a non-privileged user.  Ever try  
> burning a CD as a normal user on windows?

Ever try installing a packaged application as a non-privileged user
under Linux? Applications with hard-coded binary/library/configuration paths
that aren't overrideable, for example. At least I can stare at the install.sh
in some of the commercial packages that do a if (uid !=0) {echo "Must be root
to install me." } check.

> A badly designed OS with inherent security problems is even less  
> secure with bad defaults.  Having a compulsory web browser tied into  
> the kernel with an insecure programming language (Active-X) that can  
> download and run ... ahhh don't get me started.

Hey, go on, it'll be fun. :)



Adrian