Re: Breaking Windows

1. Again, I find it interesting that you simply will not allow my comments to show up here directly. You do realise that whether or not you get my comments out of the spam filter, they are all going to stay on pastebin, right?
2.  
3. So, forget about pulling a Dietrich Schmitz on me - if that's what you have in mind.
4.  
5. <i>"Uh, networking certainly was a necessary part of IT when Lose 3.1 came out but it was an afterthought."</i>
6.  
7. Is "uh" the sound one emits when he's frantically looking up Wikipedia for an answer?
8.  
9. I don't know about you, but I found <a href="http://www.dendarii.co.uk/FAQs/dos-net.html">this</a> just by casually typing "ms-dos networking" into Google Search. Maybe you should try that some time.
10.  
11. <i>"Once networking became commonplace, the OS had to be multi-user to have any kind of security and DOS was single-user."</i>
12.  
13. Again, what does DOS being a single-user system have to do with anything in this context? A computer used and managed by one person is a single-user system. Period. Whether there is any benefit in having a multi-user OS in this context is completely moot since, regardless of the <b>technical competence</b> of this one person the system has to cater to, it has to give him/her full administrative privileges in one way or another.
14.  
15. If you can find a way around that, by all means tell me how.
16.  
17. <i>"There are some things that can be done reasonably safely by a single-user OS like a slice of FTP, say, but file-sharing and the like require processes which can multi-task and maintain some semblance of safety."</i>
18.  
19. Maybe you didn't pay attention to my link on NFS? What you should understand from NFS is that the OS being multi-user has fundamentally no relevance to whether there is any form of <b>identity verification</b> to establish the credentials of a client. Instead, one should focus on if there is any the verification process taking place between the server and the client <b>prior to</b> the client being allowed to access any object on the server. Your insistence of "multi-user OS" being pertinent to this discussion is a clear indication that you don't even have the slightest comprehension of common network authentication protocols (e.g. Kerberos) to begin with.
20.  
21. And let's not mention such irrelevancy as "multi-tasking" (which the Chicago Windows line does anyway): it's so dumb it literally hurts.
22.  
23. <i>"You don’t want Bad Guy over there overwriting an executable here…"</i>
24.  
25. It seems that <a href="http://cwe.mitre.org/data/definitions/441.html">Deputy Pogson</a> is hopelessly confused about proper security on client-server architectures.
26.  
27. Credentials, along with <b>what</b> your client is actually allowed to do to an object (i.e. "capabilities"), are supposed to be established <b>before</b> you allow the client to access anything on the server. Then you verifies that, for each request, the client is permitted to use a given object in the way it asks (e.g. "write to program.exe") <b>at the protocol level</b>. No "multi-user OS" is necessary in this context.
28.  
29. Of course, all this is very academic, but one must ask him/herself two questions:
30.  
31. 1) Who in the right mind would use Windows 95, a clearly non-server OS, as a "serious" file server, even back in the 90s (notwithstanding that it allowed you to create read-only shares anyway)?
32. 2) What is with all this nonsense about MS-DOS and the Chicago Windows line, which <b>hardly</b> anyone uses anymore (I have been a user of NT since the mid-90s, by the way)?