« Male or Female? | Main | Plausible? »

August 27, 2003

Designer Bugs II

This is a followup to this article yesterday. A few people have left comments and I have found more references along the same lines.
Petemade two key points, firstly:

Its not that we trust them. Its that nothing decent will run on any other platform. Unless you invest in a 'Games Machine' like PS2, X-Box, G-Cube etc, you cannot get decent games for anything else.

and secondly:


PC's would be perfectly safe if people weren't so stupid.

Starting with Pete's first point, just think about the implications - if you want to play games you need to buy a game machine or a PC. No argument from me. The problem comes when you want to use your game machine (be it Xbox, Nintendo, Sony, PC) and hook it up to the internet with inadequate controls. I see a disjunction in the primary purpose of the machine. Yes I play games on my Mac (or the Sun boxes at work) but that is not the primary reason for having a computer (at least for me). I agree there are not as many games available for the Mac. There are enough in the genre that appeals to me to keep me occupied but again that is not the justification for having a computer. After all I use a Newton quite heavily and it doesn't play anything more adventuresome than scrabble. So how about we go back to the earlier proposal and insist that people who want to connect a games machine to the big bad internet require a license. Problem solved. Geeks (like Pete) who know what they are doing and can secure their machines get a license, idiots who can't protect themselves are not allowed to connect to the internet unless they have a secured machine (one that is relatively idiot-proof (and I know that idiots keep getting smarter).

Jivha makes three different claims (edited):

1. People love default
2. Microslosh make things easy
3. Nothing else is that easy

None of this contradicts the suggestions above and please note that I am not proposing a Mac vs PC war here - the suggestion is that boxes which are inheritantly insecure not be allowed to connect without some level of control over the owner (who must prove that they can secure the box). Given Jivha's point about ease of use, how about this: your system gets infected (due to you failing to secure it), you loose your ISP connection (which may involve financial penalties to you). To get a new connection, you have to attend and pass 'Computer Ed' (like Driver's Ed) and arrange to get your box scanned with Nessus or a similar tool.

As the article last time pointed out, a lot of the responsibility does lie with Microslosh. They distribute the software without turning off dangerous services. They made bad things easy (turning on web servers) and good things hard (activating a firewall). The shipping defaults were irresponsible and the patch/update system is flakey at best (see Windows XP slightly less fun than circumcision without anesthesia and read the comments). You may also want to check this article about the number of patches required. Note that in both cases, part of the problem is the update process.

In comparison, Sun ship an operating system with incremental upgrades. It works like this: Solaris 9 is released (called Solaris 9 FCS). As bugs are discovered (and there will always be some bugs), patches are written and tested. These are divided into 'critical' and 'other' and tagged as such on the patch support sites. There is always available a 'critical (and security)' bundle which can be applied to a server to bring it up to date. After about three months, an incremental release of the operating system comes out. This will include support for new hardware and the current critical patch bundle built in (called say Solaris 9 04/02 - i.e. April 2002). The cycle continues. I have machines that may be at FCS + patch cluster and other machines at the 04/02 release. If I have to rebuild, I can use the latest release which jump starts the patch process. With Microslash, installing Win 2K today is the same as when it was released in 2000. There are three years worth of patches to add.

I guess that I want to finish by saying that this is not about which platform is "better", it is about responsibility and sensibility. Microslash is being irresponsible (and Sun have been irresponsible in the past) and should be chastised for it. After all, as Jivha clearly points out, the users will take the easy option and Microslash knows this. Users need to be either sensible (or as Pete puts it: "not so stupid") or forbidden from propagating their stupidity. We need a darwinian solution and right now that license scheme is looking attractive....

Posted by Ozguru at August 27, 2003 03:08 PM

Comments

Designer Bugs III Hopefully this will be the last word on the matter :-) There have been some *heated* comments and a few other blogs are getting on on the act. Patrick has this item and also this post about the lack of design sensibility. That is the key to the origina...

Posted by: GDay Mate at August 27, 2003 03:08 PM