Security musings

nephele · April 9, 2024, 8:21am

Fearmongering. If I get you scared enough I‘ll get you to buy my product.

Luposian · April 9, 2024, 4:58pm

No one will believe an absolute lie. So, there must be some truth to foster fear/uncertainty/doubt (FUD). It worked in the Garden of Eden. The rules haven’t changed since.

So, since I only use the Microsoft anti-malware software, which costs me nothing… where is the value in fearmongering? They’re not making any money off it. It’s just an update that comes in every day or two. And, if the viruses and malware did NOT exist, then they’re just making me THINK they’re updating the software, but not? What a waste of time and possible drive space.

But, question remains… WHY don’t companies (Microsoft/Apple, for example) simply stop the possibility of viruses ever affecting their OS and tout that? What do they gain by NOT doing so, if it CAN be done as easily (and obviously) as suhr stated?

RogFanther · April 9, 2024, 5:24pm

Well, because it can´t ? Unless you change/improve users, and that is way harder …

X512 · April 9, 2024, 5:54pm

Because their OSes are written in unsafe programming languages like C/C++ where every small programming mistake can cause catastrophic consequences to overall system security. They need to fully rewrite kernel in some safe language as Rust to claim security.

Starcrasher · April 9, 2024, 6:42pm

I think the problem comes that all major systems have been thought before it became a real problem. Some have been rewritten since but, to keep compatibility with this or that some parts are kept or rewritten with same philosophy. At the end, there are no real improvements.
A rewrite in a safe language would improve things but would not be enough, philosophy has to evolve too. Anyway, in matter of security, the user is always the weakest link. Someone aware of risks could be safe but the majority will never be.

cb88 · April 12, 2024, 4:50pm

I think a lot of people get scared by multi user… because they think something is going to get forced on them. Like Microsoft does now with trying to force email accounts etc… when you just want to install the OS not register with MS.

As long as multi user stays out of the users way… it isn’t a problem. eg the default Haiku install can just boot into the default user and nobody is the wiser. But they could be more secure since services will run with different permissions etc etc…

But if you add users and turn on the login dialog etc … you can get an experience similar to Modern multi user OS for sharing that PC.