Chicago Boyz

                 
 
 
What Are Chicago Boyz Readers Reading?
 

 
  •   Enter your email to be notified of new posts:
  •   Problem? Question?
  •   Contact Authors:

  • CB Twitter Feed
  • Blog Posts (RSS 2.0)
  • Blog Posts (Atom 0.3)
  • Incoming Links
  • Recent Comments

    • Loading...
  • Authors

  • Notable Discussions

  • Recent Posts

  • Blogroll

  • Categories

  • Archives

  • The Myth of “Security Through Rarity”

    Posted by Shannon Love on August 29th, 2009 (All posts by )

    If malware was water falling from the sky, the experience of people running the big three desktop operating systems would go something like this:

    Mac OS X: “Is it sprinkling? I thought I felt a drop there. Did anyone else feel a drop? No? Maybe I just imagined it.”

    Linux: “Oh, yeah… I definitely felt a sprinkle or two there.”

    Windows: [Can’t say anything because they’re pinned to the foot of Niagara Falls by tons of down rushing water.]

    For the last ten years, there has been a raging debate among computer geeks as to why Mac OS X and Linux have virtually no problems with malware while Windows is often almost crippled by it. The most commonly accepted explanation is called “Security Through Rarity.” This concept holds that on a technological level Mac OS X and Linux are just as insecure as Windows but that the relatively small market share of the first two operating systems makes it unprofitable for malware programmers to spend the time trying to infect them.

    I have longed believed that the basic premise of “Security Through Rarity” largely explained why I can run my Mac OS X machines without any additional anti-malware software but don’t dare do the same for my Windows machines. For the last decade, I and everyone else who believed in the concept have expected that “any day now” the Mac’s immunity from malware would end in a shocking gotterdammerung of a Mac malware pandemic but it hasn’t happened yet. Just as the failure of other types of apocalyptic prophesies undermine people’s faith in those prophesies, the fact that the long-prophesied Mac malware apocalypse has never manifested in more than a trivial manner has caused me to reexamine my belief in the “Security Through Rarity” concept.

    There are several good reasons to doubt that “Security Through Rarity” explains the lack of malware that exploits Mac OS X in particular.

    First, back in the ’90s Macs had a smaller market share than they do today, but they had more malware problems both absolutely and by percentage of the installed base.

    Back then, Macs used a different operating system, now called Mac OS Classic. Classic was a single user OS with no privilege restrictions or other forms of basic security. Before the Internet really took off, malware spread by infected disk, and Macs were overrepresented in environments like education and graphics design in which there was a much higher level of disk swapping between machine than in the PCs of the time.

    During my time in Apple tech support, we encountered several successive waves of malware outbreaks. We all ran anti-virus software and advised our customers to always do the same. I personally discovered that the dreaded “AutoStart” worm was corrupting AppleShare file servers. Malware was a big problem for Macs back then.

    If  “Security Through Rarity” explains why Macs today don’t have major problems with malware today, why did Macs have more problems with malware back in the mid-’90s when Apple’s market share was at its nadir? Why did malicious hackers bother to write malware for Macs back then when the possibility for profit or notoriety was even smaller than today?

    Second, Linux has a smaller market share than Mac OS X but has more malware targeted at it. Granted, compared to Windows, the Linux malware problem is still trivial. Linux has just a few dozen pieces of malware in the wild compared to 9000+ for Windows. On the other hand, Linux is a rich target because the primary use of Linux is to run the Apache Web server and other Internet related server apps. If a malicious hacker could use malware to infect and control a Linux web server, then they could stand to profit to a much greater extent than they could by hijacking an ordinary desktop. Yet Linux sees few problems, though still more problems than Mac OS X.

    If  smaller market share explains why Macs today don’t have major problems with malware, why does Linux with its smaller market share have a bigger problem with malware than Mac OS X?

    Third, although Mac OS X’s share of the installed base is small compared to that of Windows, in absolute terms there are still tens of millions of units out there. The Mac installed base has been over 20 million units since the late ’90s and in the last couple of years that has jumped to an estimated 30 million units (75 million if you include the slimmed down Mac OS X in the iPhone.) That’s a lot of targets for malicious hackers. In proportional terms, Mac OS X has roughly a 5%-10% share of the total Internet-connected computer installed base. That translates into a minimum of 1 in every 20 Internet-connected computers in the world running Mac OS X.

    That’s a lot a computers in absolute terms. There are definitely enough Macs out there to make writing malware for Macs worthwhile. Malware writers can make a lot of money if they can gain control of a just a few thousand machines. Granted, an infected Mac would only infect 1 out of 20 other computers it randomly chose for attack, but since malware can carry out hundreds of such attacks every hour, the small chance of success would quickly add up exponentially in just a few hours.

    Mac malware would be especially profitable given that (1) almost all Macs are connected to the Internet, (2) almost all Macs are administered by non-computer savvy end users, (3) most of these non-savvy users pay little attention to security and (4) the vast majority of Macs don’t run any kind of anti-virus/anti-malware software at all. If, as the “Security Through Rarity” advocates claim,  it is just as easy to write malware to infect Mac OS X as it is to write malware to infect Windows, the lack of security consciousness and software on the 30 million Macs in the world would make them easy pickings for malware authors. It would be like the world’s best high-tech international jewel thief breaking into an Amish household.

    If “Security Through Rarity” explains the lack of Mac OS X malware, how many tens or hundreds of millions of Macs would there have to be to make attacking them worthwhile?

    In business terms the Windows malware “market” is saturated while the “market” for Mac OS X malware is under served. It’s business 101 (and common sense) that the same amount of effort produces a higher rate of return in an under served market than in a saturated market.

    At this point, the “Security Through Rarity” explanation relies on the idea that greedy, amoral yet technically cunning malware programmers have never noticed all these facts and therefore have never bothered to write malware for the Mac.  Given that there are some actual pieces of malware for Mac OS X we can safely disregard this idea. Clearly, malware programmers are trying to attack Mac OS X but are failing. Given the laxity of anti-malware vigilance by Mac users, one bright malware programmer could make his fortune if he could successfully propagate just one piece of Mac OS X malware through a few hundred thousand Macs.

    The lack of such malware is all the more puzzling because every year computer security experts publish flaws they find in Mac OS X that hypothetically could be used to create self-spreading malware (viruses and worms). Why haven’t malware programmers exploited these publicly available Mac OS X flaws that the security experts describe in such fine detail? With just a week’s work, a malware author could hypothetically turn the expert’s description into a real piece of malware, seize control of hundreds of thousands or even millions of Macs and cash in big time.

    (Hell, just the lure of the bragging rights that would come from being the first programmer to write a successful virus or worm for Mac OS X tempts even me and I have some ethics.)

    If amoral programmers have the physical ability to steal from others without consequence, they will try to do so. The fact that they haven’t infected Mac OS X machines on a wide scale is powerful evidence in itself that they cannot actually infect Macs on a systematic basis. It’s the best real-world test we could ask for.

    Then what does prevent malware programmers from cracking Mac OS X and Linux? There may be some non-technology related factors. The programmer culture that evolves up around each OS might make it less likely for Mac OS X and Linux programmers to go bad. The usage patterns for the two secure operating systems might make them more immune.

    In the end, however, I think that despite all the round-and-round debate about the security models of all three major operating systems, the real world experience provides concrete evidence that the Unix based security models of Mac OS X and Linux are superior to the Windows security model. When all the histories and tradeoffs of the three operating systems’ technology sum up under real world conditions, Windows  has massive flaws that the other two do not.

    Over the last decade we’ve tested the “Security Through Rarity” hypothesis and it has failed. Mac OS X and Linux appear to be more secure against malware because on a technological level they are actually more secure. Market share has little to do with it.

     

    26 Responses to “The Myth of “Security Through Rarity””

    1. Steve Poling Says:

      I think you made a very good negative case for debunking “Security Through Rarity,” but you failed to make the positive case and I was quite anxious waiting for you to make it.

      Both Linux and Mac OS X are based on Unix (loosely speaking). Unix was invented by Bell Labs to run telephone switches. And it was given away to universities for the price of magnetic media. Unix was then installed on multi-user systems. (Computers being so expensive that one minicomputer had to be shared by hundreds of users.) All through the ’70s and ’80s, every phone phreak and every prankish computer science student sought to gain control of the operating system. Sysadmins of these systems were generally bright, technically adept individuals who did their best to plug security holes as they were discovered. This is two decades’ worth of hardening against attack cooked into the Unix codebase and reflected in Mac OS X and Linux.

      Even these facts miss the point i want to make. Unix was designed from the very beginning as a multiple user operating system, and from the beginning it had to worry about protecting users from each other. One man, one cpu was unthinkable back then, and OS design followed from the premise of multiple non-cooperating users. The Unix codebase was written from the ground up with security in mind.

      The difference is not unlike cooking potatoes and adding salt to them. It makes a difference if I put salt into the cooking water than if I wait until I’ve got mashed potatoes on my plate.

      Operating systems devised in the late 1980s, DOS, Mac Classic, AmigaDos, share the assumption that there’s only one user on the system and engineer gray cells were spared the work of thinking overmuch about security. A decade ago when a friend raised questions about security holes in the Microsoft OLE architecture, everyone from Bill Gates on down just shrugged.

      Security was added later. Thus, the security you see in Windows is like seasoning added to food after it’s been cooked. It’s a hit or miss proposition. A little too much here, not enough there. All an enemy needs do is find one of the gaps and he’s in.

    2. Jose Angel de Monterrey Says:

      I have used Mac OS for centuries and I never used an anti-virus or anti-malware or had to deal with problems with the registry, the minute I got a Windows pc, I started dealing with viruses, worms, trojans, anti-viruses, registry cleaners, etc. It is just amazing how much time a windows user has to spend dealing with security.

    3. anonymous Says:

      I don’t buy it. If only 5% of computers worldwide are Macs, a Mac would have to be at least 20 times likelier to infect with malware to make it worth your while as a malware author to write code for it, in order to gather together a botnet of comparable size. No wonder few bother.

      Also, few malware authors work in isolation. You need a certain critical mass of black hats exchanging tips and information, mentoring, doing collaborative “R&D”, and so forth, all of which is easier to achieve within a larger target market opportunity.

      In other words, there may be a “network effect”, which means that the value of a network is proportional not to the number of nodes, but to the square of the number of nodes.

      We can see this in, for instance, languages: English has about 20 times more speakers than Romanian, but if we measure the number of people learning English vs. learning Romanian as a second language, we see that English is considered much, much more than 20 times more important. Most people focus their efforts on learning English, even if some of them (speakers of Romance languages in particular) might consider English harder to learn. I suspect most malware authors focus their efforts on learning to hack Windows, for much the same reason.

      If it really was true that there was more Mac malware back in the 90s than today, there might be a simple explanation: back then, many hackers were motivated purely by the intellectual challenge, whereas today they’re much more criminally organized and businesslike and out to make a buck. You could compare it to, say, a bored nerdy college student learning the artificial Klingon language just for fun, versus a buttoned-down ambitious young MBA studying English or Mandarin as a second language for the purpose of career advancement.

    4. Shannon Love Says:

      Steve Poling,

      Both Linux and Mac OS X are based on Unix (loosely speaking). Unix was invented by Bell Labs to run telephone switches

      I’ll cover that in a future post. In this post I just wanted to demonstrate that conditions postulated by the “Security by Rarity” don’t exist now and probably never did. Arguments over technical minutia don’t mean much to non-geeks but its pretty easy for even a computer novice to see that 30 million unprotected Macs make a tempting target.

    5. Curmudgeon Geographer Says:

      I believe Apache is enough to dispel the security through obscurity myth. Apache dominates the web server market. Microsoft makes web server software. Apache has nearly 50% of the web server market (once having nearly 75% four years ago), Microsoft is below 25% and falling.

      http://news.netcraft.com/archives/web_server_survey.html

      If security through obscurity was a factor, Apache would be continually compromised by hackers. It is the juicier larger target. Yet we know it is Microsoft’s web browsers that get the swiss cheese treatment by hackers around the world.

    6. Shannon Love Says:

      Anoymous,

      If only 5% of computers worldwide are Macs, a Mac would have to be at least 20 times likelier to infect with malware to make it worth your while as a malware author to write code for it, in order to gather together a botnet of comparable size

      That’s the kind of superficial thinking on which the argument is made but it fails because it adopts the global top down perspective instead of the perspective of the malware programmers.

      From the perspective of the malware programers, its the number of machines absolute they can infect and not the percentage of all machine world wide. Depending on the particular scam your running you may only need a few hundred machines. Most bot nets have around 1,500. The really huge ones have 150,000-300,000. So, if you could infect just one percent of all Macs you could make one of the largest botnets known. If you stole identities from just a few thousand naive Mac users you could potentially rake in millions. You can’t say that that kind of money won’t tempt people.

      By analogy, would it really matter to a safecracker if a bank used an rare and unfamiliar safe mechanism if there was a lot of money in the safe? No it wouldn’t. The safe cracker would invest the time and resources into learning to crack the safe and malware programmers would do the same thing if they could. They’ve had 10+ years to try and none have succeeded.

      In other words, there may be a “network effect”, which means that the value of a network is proportional not to the number of nodes, but to the square of the number of nodes.

      This is indeed a factor but since security experts supply detailed information about security exploits it would only take one good programmer to create a single successful piece of malware and once someone proved it could be done the gates would open.

      Remember, we are told that it is as easy to technologically hack Mac OS X or Linux as it is Windows. That means there are the equivalent of 30 million completely naked Windows boxes out there. According to this idea, a computer with Mac OS X is the computer equivalent of an AIDS patient with a compromised immune system. They’re just waiting for one good sneeze and they’re infected. Yet after ten years, nobody has sneezed. Is that really creditable? Would highly organized and technologically sophisticated criminals really ignore that many unprotected boxes just because they had to learn a new OS? I don’t like programming for Windows because I have done so little of it but I could if I had too.

      Many have claimed that it is just as easy to write a Mac virus or worm as it is to write one for Windows. Ten years ago I agreed and believed that a serious Mac malware problem would return. I was wrong. I no longer find the social or economic arguments explaining the gap credible. I think the reason lays in the technology.

    7. Mrs. Davis Says:

      Wasn’t Windows NT based on Unix?

      Does this mean we should thank Scully for Mac security by driving Jobs to NeXT?

    8. Kirk Parker Says:

      Unix was invented by Bell Labs to run telephone switches.

      Nope, it was created pretty much as a guerilla effort to do multiuser text processing, compiling, and the like, by some refugees from the Multics project.

      Wasn’t Windows NT based on Unix?

      Certainly unix had an influence on almost everything that followed, but in terms of direct lineage Dave Cutler supposedly brought some VMS influence with him. I don’t know how accurate that claim is, but certainly NT processes remind one of VMS much more than they do unix.

    9. TMLutas Says:

      I think that this article has some real insight but that’s compromised by mistaking the malware market. Ultimately, the malware market is targeting one of two things, compromising information on the computer (stealing account numbers and other personal information) or stealing computer resources. I would suggest that the latter is the far more common case.

      There are four resources to be stolen, CPU cycles, memory, disk space, and network bandwidth. So long as the computer is still usable by its legitimate users, the computer itself is not ‘saturated’, ie more can be stolen. The idea that the Windows market is saturated is simply not consistent with what is going on. Badly infected computers can and often do have dozens of exploits running simultaneously. When a particular computer’s market (its spare resources) becomes saturated, an OS reinstall resets the market or the computer is thrown away. Saturation is not a permanent phenomenon. The Windows market is not saturated and as a practical matter will never be saturated.

    10. Roy Lofquist Says:

      I spent some time inside one of the early multi-user systems in the mid 60s. The Xerox Data Systems Universal Timesharing System (UTS). The windows OS looks almost exactly like it – message loop, interrupt handling, NTFS…

      The vulnerability of Windows goes back to the early days when Microsoft made the decision to make Windows compatible with the DEC Alpha chip – then viewed as a major competitor to Intel. The Alpha had a two ring memory protection scheme and the Intel a four ring. What that means is that Intel had no-access, read, write and execute. The Alpha did not have a no-execute memory protection mode.

      The most common way to infect a windows machine is to put executable code into a memory area (data area) then branch to it. This affects the OS by purposely causing a buffer overflow. With no execute protection it’s Katie Bar the Door.

    11. Shannon Love Says:

      TmLutus,

      The idea that the Windows market is saturated is simply not consistent with what is going on. Badly infected computers can and often do have dozens of exploits running simultaneously.

      I intended the idea of market saturation to be a metaphor. The idea being that the exploits themselves were like a saturated market in that Windows exploits are largely known, widely exploited and also protected against. If nothing else the Windows user base if painfully aware of the constant threat of malware. Just as in a real saturated market Windows malware programmers have to work harder to find and harness new exploits.

      By contrast the Macs are presumably wide open both technologically and in terms of user awareness. Most Mac users don’t even know how to tell if they had a virus or have the software to remove it. These conditions would make it easy for malware to propagate if someone took the time to do. Since the Security through rarity ideas states that its just as easy right a successful virus for a Mac as a PC it should be easy and more profitable to infect defenseless Macs. Since Macs supposedly have no protection, once you infect a bare handful you could infect millions with ease.

    12. jaed Says:

      . That means there are the equivalent of 30 million completely naked Windows boxes out there.

      Not completely naked. Take a look at the default OS X network sharing and firewall settings. Now take a look at the default Windows settings, and contemplate how few users know they’re even there.

      Macs ship locked up pretty good. This is a factor and perhaps the decisive factor.

    13. Louis Wheeler Says:

      One question that the proponents of Security by Rarity never answer is, “Why is that Mac malware doesn’t increase?”

      Apple’s market share in America in 2001 was about 2% and now it is about 10%. That is a 5 fold increase in market share. If Security by Rarity holds true, then the Apple’s malware should have gone up by five times. But, Apple’s malware was 0% then and is 0% now.

      Sure, there have been a few Trojan Horses, but they trick foolish people into giving away their passwords. The overwhelming source of malware, spam and phishing on the internet is the Windows Operating System. System Seven won’t change that.

    14. Challeron Says:

      I would like to agree with Jaed on the “locked up pretty good” aspect of OS X; consider that it, as a Unix-derived OS, gives ultimate authority to the SuperUser (“Root”), and that the Administrator (a mere “Operator”) of the Mac — the owner — has absolutely no Root Privileges, and therefore usually can’t even allow the Trojan Horse — in terms of self-installing a SU — in through the gates.

      Yes, the Administrator (Owner) of a Mac can get Root Privileges, but s/he would actually have to know what they are, why they’re necessary, and how to activate Root User; and anyone who can do that is not likely to fall victim to malware anyway.

    15. tm Says:

      Mac users are like liberals only less numerous. Thank god.

    16. Shannon Love Says:

      Tm,

      Mac users are like liberals only less numerous.

      Them’s fight’en words!

    17. Shannon Love Says:

      Jaed,

      Macs ship locked up pretty good. This is a factor and perhaps the decisive factor.

      Macs ship “locked up pretty good” because the system design allows the vast majority of users to get their work done under heavy privilege restrictions. In theory, you can lock down a Windows box just as well but in reality the system design prevents a wide segment of users from getting there work done in a secure configuration.

      So, I would file this under a technological advantage that further falsifies the “Security Through Rarity” hypothesis.

    18. Chris Says:

      There are four resources to be stolen, CPU cycles, memory, disk space, and network bandwidth.
      You missed a 5th and important resource to be stolen: private information. Grabbing credit card numbers and bank account numbers and passwords would seem to be lucrative proposition, especially as folks who buy Apple tend to have money.

    19. jaed Says:

      Macs ship “locked up pretty good” because the system design allows the vast majority of users to get their work done under heavy privilege restrictions.

      What I’m speaking of are not privileges (in the usual Unix sense – file and directory access privileges) but network access, specifically open ports. By default, a new Mac user has an admin account which has access to the entire box. (The OS requires the password at certain access points, which provides some defense against trojans although not much.) Most Mac users do not have limited-access (“ordinary user”) accounts, unless they’re working on a shared machine set up by an IT department.

      However, by default the network ports are closed and the firewall is on. Very few users need to run, say, an FTP server off their personal machine (and those who do generally are well aware of which box they need to uncheck to make it possible), so this isn’t much of a restriction, much less a heavy one.

    20. Challeron Says:

      By default, a new Mac user has an admin account which has access to the entire box.

      Then why can’t the admin erase the hard drive s/he booted from?

    21. Shannon Love Says:

      Jaed,

      (The OS requires the password at certain access points, which provides some defense against trojans although not much.)

      There isn’t any technological protection against trojans, period. Trojans are a human behavioral problem not a system design problem. In the grand scheme of things, trojans don’t poise much of a threat because they spread at the speed of mortal humans. In order for a trojan to infect one million machines, one million humans must individually install the trojans.

      By contrast, viruses and worms reproduce themselves without any human agency. They can spread as fast as computers can communicate. They can spread through headless systems. If you’ve ever looked at the log of a malware attack on a network, you can see the radical difference between worms and viruses versus trojans. Trojans slowly show up the system over a matter of days as naive users install the trojan. Worms and viruses shoot through hundreds of units in a matter of mere minutes.

      The big puzzle is why after seven years, not a single Mac OS X virus or worm has been found in the wild.

    22. Louis Wheeler Says:

      Sorry, TM, there are plenty of Conservatives who are Mac users. I tried being a liberal and it didn’t take; orneriness runs in my family.

      We Conservatives forgive Steve Jobs for being a fuzzy headed hippy, so long as he gives us pretty computers which work.

      Besides, at an annualized growth rate of 30%, we won’t be small for long. Especially when the PC market it flat or down.

    23. Louis Wheeler Says:

      Jaed, Leopard 10.5’s security is pretty tight. There are vulnerabilities which are never exploited.

      The fundamental reason is because of UNIX’s permissions system. It gives read, write and execute permissions to the user, the group or the world. It is very hard to break into. The consequence is that we Mac Users rarely use anti-virus software.

      There is a firewall on the Mac, but Apple has been experimenting with closing off ports unless an application asks for them.

      We Mac Users do not use root level access; most windows applications must use root access to even work. Mac apps don’t. Admin access allows us to launch system programs which does have limited root access. Most normal apps don’t need it.

      Snow leopard 10.6’s security is even tighter than Leopard.

      There are new protections in Snow Leopard, such as Library Randomization, which prevents malicious commands from finding their targets, and Execute Disable, which protects the memory in your Mac from attacks. 64-bit applications can keep their data out of harm’s way thanks to a more secure function argument-passing mechanism and the use of hardware-based execute disable for heap memory. In addition, memory on the system heap is marked using strengthened checksums, helping to prevent attacks that rely on corrupting memory.

      But the real security feature of Snow Leopard is the sand boxing all applications by restricting what actions programs can perform, what files they can access, and what other programs they can launch.

      This is very heavy duty security. Windows System Seven doesn’t have all that. So, even when Apple has a much higher market share than 10% in the US, it will still be very hard to attack. By that time, the Security by Rarity argument will be put to bed.

    24. tomw Says:

      A final tribute to the old *real* AT&T gang:

      The Mac is the UnixPC of 1980-something. Of course it has better software and a lot more of it, but the concept was there twenty plus years ago. And, they did it with about 1/1000 the CPU horsepower and 512K of memory, a Meg at max.

      Panther, Linux and Unix have the security baked in from the get-go, rather than slathered on top like icing on a cake. Windows applications are all over the map in what is necessary for them to install properly, insuring that ignorant users will answer “Yes to continue” at whatever prompts are placed before them, even if it says: “Delete all files and reformat disk” “Press’Yes’ to continue.”
      If Microsoft had instituted decent security safeguards for software package installation long ago, such as the “dll hell” with duplicate names, different versions, different dates for the same version, and different features depending upon version and source, they would not be such an attractive target.
      But, ifs and buts aren’t soup to nuts, so we are still hungry.

      They screwed up, and don’t have the character or integrity to admit it.

      tom

    25. Louis Wheeler Says:

      TomW said:

      “The Mac is the UnixPC of 1980-something. Of course it has better software and a lot more of it, but the concept was there twenty plus years ago. And, they did it with about 1/1000 the CPU horsepower and 512K of memory, a Meg at max.”

      Hmmmmm. Not, quite. You have no idea how many times Unix as been rewritten to take advantage of new concepts. They never gave up the stuff that works, though.

      Some people may think that because UNIX is 40 years old, it is old hat. But, UNIX is state of the art; nothing is better, right now. And you can get at the Unix commands on a Mac in the Terminal Application. There are tons of UNIX apps.

      AT&T’s UNIX was re-engineered by Berkeley University to become BSD UNIX. Since then, there have been on-going scientific projects which have explored different aspects and capabilities of UNIX in Trusted BSD, FreeBSD, NetBSD and a couple others.

      Steve Job’s NeXT Corp picked up on the latest thinking in the universities to develop NeXTstep; they chose the bits and pieces of open source software to build a Graphics User Interface on. This was long before Linux.

      The result was the most modern OS of its time and still is. Unfortunately, NeXTstep was unsuccessful, because it had few developers and applications. It had few users until after Apple bought it in 1997. It was a real tough road to get from there to here.

      NeXT created a modular Object Oriented OS. That is, it broke up the OS into different parts which could be compiled and tested separately. Earlier OS’s had been monolithic; but they were getting too large and complex to keep doing that.

      Longhorn, Microsoft’s last monolithic OS took over two days to recompile, so they scrapped it. Vista was written by back-tracking to Windows Server 2003, an updated form of Windows NT. Vista and System Seven are not modern, modular, object oriented Operating Systems. Microsoft is working toward it, but it has a long way to go.

      When Apple bought NeXT and made Mac OSX out of it, they invented a whole series of Unix segments like Launchd which the Linux distros choose not to use. Leopard 10.5 became UNIX 03 certified on Intel processors, so it is using the same software as mainframe computers. And a mainframe’s security is not based on rarity.

      “They screwed up, and don’t have the character or integrity to admit it.”

      Microsoft doesn’t dare to correct its mistakes. It would break all its applications. Its market share would vanish over night. It needs to transition out of being a stand alone system. But that is very hard.

      Apple went though this transition with Mac OSX and it took twelve years to do it. When Steve jobs came back to Apple in 1997, Apple made some changes to the NeXT desktop and tried to coerce the developers to rewrite their code in Cocoa API’s and the Objective C programing language. The developers refused.

      Steve had to back track to allow Apple to survive. Apple had to create a way to allow the old MacOS apps to run on Mac OSX. It created the Carbon API’s which could reuse about 70% of the procedural code in the old apps. OH, how the developers moaned and groaned about that.

      Since then, Apple has moved away from past mistakes. It used the move to Intel hardware to force the developers to adopt the XCode 2.0 IDE. If developers wanted ro run natively on Intel hardware they had to rewrite their code. Otherwise, they would run slowly in Rosetta emulation. This set them up in XCode 3.2 to just recompile to get 64 bit apps.

      The Carbon API’s will be relegated to 32 bit code and are sidelined to be gone soon. Apple is rapidly migrating to 64 bit code; most applications will be recompiled in it, this year. Mac OSX 10.7, in 12 to 18 months, will boot into the 64 bit kernel; 10.8 will likely, in 36 to 48 months, to no longer run 32 bit code.

      This will be necessary, because the computer market place will be under-going great change. The high end computers will have 8 to 32 cores, and have up to 16 to 64 GB of RAM. There are uses coming which no one has dreamed of. The great hardware and software on the Mac will create a vacuum. Someone will get round to using it to make something mind blowing.

      The low end computers will have fewer cores and RAM, but they will be computers-on-a-chip devices. I’m expecting that the 64 bit Chrome OS will take over in the very cheap Internet appliances.

      I have no idea how Microsoft intends to survive the transition to that kind of hardware. The changes will be coming fast and furiously.

    26. tomw Says:

      Louis Wheeler Says:
      September 2nd, 2009 at 2:58 am

      Wow, that was quite an impressive response. It will take a few readings for me to digest. My only real point was that Unix was a good base even in 1985, and with a GUI, mouse and desktop, it could have whupped M’sloth in the marketplace, but such was not to be.
      I worked with Unix for twenty some years until I was enticed to walk out the door in 1998, so have a ten year old perspective on the current state of software. I used SVR2 back when, and had the source available. That was fun. It helped when I found out that the ATT dump/restore utilities didn’t work in the midst of a disk upgrade. Compared the two programs, cut’n’paste, recompile with restore using the same logic as was used to create the tapes, and my bacon was saved. Back when 16M was adequate for 32 concurrent users, and a 340M disk was huge. But each employee in my district had email available in 1983-4, probably prior to some execs.
      tom