The battle of the operating systems... Windows vs. The UNIX World

The idea behind this post is to compare and contrast the two very different platforms that dominate both desktop and mobile computing. Windows and the UNIX world. And when I say UNIX I mean the original UNIX, Linux, and OpenBSD/FreeBSD. First, we’re going to look at Windows. Windows harkens back many, many years. For the purpose of this article we’re going to go back to dark old days of Windows 9x. Back in those days Windows was a very open platform in which anyone could do anything they wanted. There was no such thing as user permissions or access rights in Windows 9x. You could simply sit down in front of a Windows 9x system and proceed to completely trash it, there was nothing stopping you from doing it. Since then we have had Windows NT but for the sake of compatibility Windows has had to bring many of the ideas from the dark old days of Windows 9x (and all of the bugs associated with it) along for the ride. It’s only recently, within the last decade, that the idea of locking Windows down and securing it has become an important thing to do. Unfortunately it will be a major up-hill battle because of the amount of legacy code that festers in the Windows code base. This is why I say that it would be in Microsoft’s best interest to simply scrap what Windows is today and go back to the drawing board. They have done it with Internet Explorer in Windows 10 and made a completely new and standards compliant browser engine, namely Project Spartan. If they can do that with Internet Explorer they can certainly do the same thing with the core of Windows and simply layer a compatibility layer on top of the new Windows core to allow for older programs to continue to function. This would be very similar to what Apple did when they changed over from the Motorola platform to the Intel platform, I believe it was called Rosetta. Now let’s take a look at Linux. It was built from the ground up to be a highly secure operating system. The system was built from the ground up to be a multi-user system in which each user runs in their own user context thus bringing about the idea that a regular user can’t trash the operating system, only the user with root permissions can change the system. The fact that there have been so many vulnerabilities is simply because the system is written by flawed being (humans) thus will always be flawed. But when you look at many of the vulnerabilities that Linux has they have been nowhere near as bad as those found in Windows. The number of highly exploitable vulnerabilities have been far less than those found in Windows. True, there have been some real doozies found lately but the sheer number of them have been far less than the number of real doozies found in Windows. This statement can also be applied to FreeBSD/OpenBSD. MacOSX and by extension iOS, is based upon a BSD core and thus has inherited many of security traits from the UNIX world. Yes, both of Apple’s operating systems have been found to be vulnerable as well but like their UNIX-like brothers they haven’t been nearly as bad as Windows. Now, let’s look at Android. True, it does have it’s roots in the UNIX world in which the core of Android is very much a Linux-based system but like Windows, Android allowed for data to be passed back and forth between apps. Only recently Android has really attempted to sandbox apps off from one another using Linux-based file system permissions that rope off areas of the file system and prevent apps from reading and writing data to areas of the operating system and file system that they don’t own access rights to. You can see this in how they have put many restrictions on external SDCards and how those permissions have essentially made having a MicroSD card in your device a rather useless thing to have. Windows too has been attempting to do that same thing. If you look at the ModernUI apps that run on Windows 8/10 those apps are very much sandboxed off from one another and can only read and write data through specifically crafted APIs that Microsoft has developed to prevent apps from reading and writing arbitrary data. On Apple iOS, apps can’t simply share data among one another because each app runs inside a very tightly controlled sandboxed environment and only recently, with iOS 8, can apps share “some” data through very secured and controlled application APIs which are referred to as App Extensions by Apple. This has resulted in a very secured computing environment in which data is not shared and even if it is shared it is shared in a very secure manner. I have a feeling that computing in the future will be a very sandboxed affair. Yes, an open platform where you can do anything you want is nice but as we have seen it can be very much abused. -- Tom Tom's Tech Blog | Samsung 840 EVO Replacement Petition