There is no double-standard, just someone who still dosn't "get" it.
Yes there is and just the spin that in attempts to explain away
vulnerabilities.
They don't like Windows programming because the API is such a mess.
However, if you know how to write multiplatform code and use a
multiplatform graphics toolkit like GTK, you can write a program for
X-Windows and need only change a few defines to recompile it so it'll
work under Windows. No Windows-specific knowledge is necessary.
I'll agree with you on the state or Windows API. I will also add that
most of the GTK stuff I've seen looks like crap. WxWindows would look
much better.
The question is, what percentage of those who develop for Windows,
know how to develop for Linux?
Probably not many. I don't entirely disagree with you on this.
They are virtually nonexistent. Go to tucows and load your Windows
system up with a few hundred popular Windows-only freeware apps, and
then tell me how many you can get the source code for.
Tucows is not the only game in town. As I said, there are not very
many but they are not non-existant.
So home PC's are "just as big a target" (your own words), they're not
even the ultimate target (just a means to get at servers), and yet
Windows is the inundated in worms and viruses, while such things are
virtually unknown by Unix, Linux, and the *BSD's?
These things are not "virtually unknown" by Linux, etc. They are very
rare in comparison to windows, sure. You just need to think about
this a bit. For several years now the best and easiest transport
method for viruses, worms, etc has been email. How many Linux, etc
servers do you know of have users pulling up email clients and reading
it on the server? The combination of Windows providing these bells
and whistle to wow the consumer and having the dominate (something
like 90%) number of desktop users makes them the big target. And
don't misunderstand. A lot of it has to do with a poor programming
discipline in regards to security on the end of MS.
But isn't Windows supposed to be easier to use, and have more
features, so why should anyone need to know as much to secure it?
Easier to use and having more features does not inherently dictate
anything whatsoever about the security of the system. In fact in many
cases usability of the system is inversely proportional to the
security of that system. For instance a system that requires no
password for it's use is more usable than one that doesn't. Which one
is more secure?
Equal number of machines, equally skilled admins, yet only the Windows
admins have to worry about worms and viruses.
Take the argument up with the security experts. I'm just repeating
their words. I'm sure that you know much more than people who have
been working as professional security engineers for over 20 years.
Since when does a web server need a GUI? A calculator program? A word
processor? A paint program? A media program? A web browser?
The web server doesn't need a GUI. However the rest exposes the
typical Linux mentality. No GUI's for word processors, paint
programs, media programs, web browsers? You REALLY don't want Linux
to succeed on the desktop do you?
My point is not that these things aren't needed somewhere, but that
you can't install just exactly the things you need to do a very
specific job and nothing more. Every application you add brings more
ways a hacker can break in so why increase your risk exponentially
with hundreds of megabytes of code that doesn't do anything you need?
Exactly. Again this comes down to usability vs security. Provide no
GUI's for these things and you'll never make progress on the desktop.
Start adding them and enhancing them to the level that MS is and you
will end up with many more security issues to deal with.
Case in point. WINE. WINE is primarily a mechanism to provide users
with the ability to run Windows programs of which the equivalent does
not exist in Linux either at all or in usability. The primary point
providing usability. Guess what - that opens Linux up to some extent
to some of the same vulnerabilities of Windows. It has been reported
that someone running Outlook Express under WINE became a victim of a
typical email virus that OE was susceptible to.
All it added was useless bells and whistles that the corporate office
needs like a hole in the head, and the price they're paying for those
geegaws is having their mission-critical systems and data destroyed by
worms written by 12-year-olds.
If they didn't need it they wouldn't use it. I see it used all the
time.
I doubt it, because you're overrating the need for these bells and
whistles.
Again this mentality will not go far in the battle for the desktop.
Don't get me wrong. I see beauty and security in simplicity. However
the fact of the matter is, a significant factor why people are buying
this stuff is because of the bells and whistles. You may not like it.
To some extent I don't like it, however to compete you have to come to
grips with it. I see Linux gradually implementing a lot of "useless"
bells and whistles on it's desktop as well. Why? They want a chunk
of the desktop market. Otherwise they wouldn't do it.
Been hearing that same thing from Microsoft ever since Windows 3.x,
usually preceeding each new release which, however, wasn't much better
than the previous one.
Basically on the consumer level, desktop security has been extremely
poor since the beginning with Windows. Until the release of XP home.
I'm not saying XP home is the epitome of a secure system. It is not.
It is, however, a vast improvement over the previous consumer desktop
offering. That being said, MS is still way behind and playing
catchup.
Right now large corporations are running their office desktops on
linux, without the ability to embed executable applications in their
documents. It's nothing but a useless geegaw designed to excuse forced
upgrades and ever-higher software prices.
Not all large corporations have the same needs. Also I would contend
that there is some exasperation among companies about Windows. To the
point where they are willing to sacrifice some useless for
alternatives. I am aware that some corporations are doing this. To
suggest that it is a widespread movement would be misrepresenting it
badly. I am encouraged, however that this is happening because I do
want Linux to be a serious contender on the desktop.
Again, I don't completely disagree with you. Certainly there are
useless things there. But that's just my opinion in the context of
how I use my systems. There is some reasonable (and elusive) line
somewhere. Windows is on one side of the line and Linux is on the
other. I just happen to think that Windows is closer to the line.
But, for example, someone else who has little use for GUI's it would
be the opposite
Actually, Windows copied its functionality from Apple and from
X-Windows window managers. Windows 95, for example, copied its gray 3D
look and features from Motif for X-Windows. X-Windows users were
running multiple desktops even before Windows 1.x. X-Windows users
were using a taskbar before Windows 95 - and one that allowed more
than one Start menu. They had themes, rollup windows, and the
equivalent of skinning back then, too.
These are mostly aestic "features" (except for the task bar). We
weren't talking about those so I'm not sure what your point is.
Multiple desktops being useful for the typical desktop user is
extremely rare. The taskbar is certainly useful. But again, I know
of no windows vulnerability related to the taskbar. We were
discussing bells and whistles in Windows that were the source of
vulnerabilities.
If you think Microsoft has anything on X-Windows, ask someone to show
you the Enlightenment window manager on a Linux system sometime.
I've seen it and used it. Overall it looks very good. But again
that's just aesthetics. However the standardization/organization of
virtually every desktop that I used in Linux quite frankly is poor.
version blah has the cancel button on the left, version blah+1 has the
cancel button on the right. Version blah has a terminal launch button
on the task bar, version blah+1 does not. Version blah has a somewhat
useful package manager, version blah+1 has no package manager.
Applications don't have the same look and feel and even basic
operations are different. Consistency in the various GUI's isn't
there. And apparently a lot of Linux developers don't understand how
to put together a decent RPM. I get this RPM and install it. Now
where is it in the menuing system or "start menu". Nowhere to be
found. I have to open a command line up and search for the GUI
executable. Apparently they don't have the common sense to realize
that if the application has a GUI front end that someone might
actually want to use it and therefore there should be a link to it
easily available from the desktop. I've installed many RPM's and
scant few of them did this. I could go on with more but I think I've
made the point. There is much more to a very usable desktop and GUI
design than just looks and a few basic useful mechanism
If this were true, projects like X-Windows, Mozilla, Gnome and KDE and
all those thousands of X-Windows applications wouldn't exist. CLI is
great for some things, and GUI for others. Most people use a little
of each.
You have a point, but from my perspective stuff like Gnome would not
exist if it weren't for the pressure to try to come up to speed in
usability to Windows and the Mac. In the last five or six years Linux
usability from the GUI perspective has dramatically improved. But to
claim that it has arrived to be equal is not true. There is plenty of
work still to be done.
Part of the problem is with the nature of Open Source. It has it's
good points and drawbacks. One of the things that inhibits the
ability to achieve the usefulness that Windows, Mac has is the
resistance to embrace GUI standardization wherever possible. With
Windows/Mac, the user knows where all the controls are likely to be
and that if they install a program links to it will appear in the
Start menu, etc, etc. The other related thing is that of the
independent spirit. Standards are resisted because it "stifles my
work/creativity/whatever". That is true to some extent, but to spurn
standardization is to inhibit usability.
Case in point. There was an article posted on /. last week where
someone suggested that the Linux desktop should be standardized to
increase usability. I personally feel it's an excellent idea. You'd
have though the guy was promoting some fascist neo-nazi philosophy
from many of the responses I read. It was almost considered heresy.
That mentality needs to go out the window.
(