Steve Jobs is not an idiot

I keep thinking back to 1989. Apple had just introduced the Macintosh II. This was way back in System 6.x days. A long, long time ago. But why did that year matter? Well, Apple was way way way ahead of the rest of the industry. I remember being in a computer science class back then where they forced us all to use DOS. In the journalism department we had just gotten brand new Mac IIcx’s. I think that’s one reason I went into journalism rather than trying to please my dad and become an engineer or a computer scientist.

Anyway, back then I thought Apple was going to take over the world. Apple’s equipment was just so brilliantly designed. They had the best printer, the best network, the best GUI, the best applications. Remember, back then Microsoft’s apps on Macs were WAY ahead of Microsoft’s apps on DOS and Windows was still a joke.

So why didn’t Apple win?

Well, go back to Rich Cameron’s classroom and look again. He wrote a ton of Hypercard applications for his journalism classes. That’s how we learned how to cover press conferences and all sorts of other things. Many of his tests were done in Hypercard too.

But Apple didn’t realize the power of developers. They ignored Hypercard. Never really improved it. Never gave developers really great tools. I remember meeting software developers who worked on Apple applications and they were always complaining about how hard they were to use, or how many rules they had to follow to make sure their apps were “Apple compliant.”

Many people think Apple didn’t win because Apple didn’t go Microsoft’s route of licensing the OS to clone manufacturers. I’m not so sure about that.

Look at what Microsoft did for developers between 1990 and 1995 and you’ll see that THAT was a huge reason that Microsoft became dominant with Windows 95. I remember when Visual Basic came out that lots of Apple developers would look over at it and say “that’s what Hypercard should have become.”

In 1989 Apple was in charge. By 1995 Apple was a second rate company and by 1999 people were thinking that Apple was going to disappear. Of course we all know the rest of the story, right? Steve Jobs.

So, why do I say that Steve Jobs is not an idiot?

Because he’s had to learn the lesson of 1989. Give developers tools to build apps easily and extend your product or else they, and the market, will go somewhere else.

Anyway, right now Apple is acting a lot like Apple did in 1989. Apple is miles ahead with its iPhone. It’s pretty. The folks I’ve talked to who’ve had their hands on one say it pushes the experience of using a cell phone ahead a mile and is way ahead of, say, my little Nokia N95 that’s sitting next to me right now.

But, why is Steve Jobs telling iPhone developers to pound sand? Dave Winer posits that Apple isn’t opening up the iPhone because they don’t have to.

Oh, but 1989 reminds us that choosing to remain non-friendly to developers will work for a while, but long term will doom you to second rate status.

Steve Jobs isn’t an idiot.

So, what do I think will happen? Oh, I can see the Steve Jobs keynote in 2008 right now. “We’ve sold eight million iPhones, more than we expected” and “remember how I said iPhone apps needed to be done with JavaScript and HTML? Well, we heard from all of you that you wanted to play games on Pogo.com so we added Flash. And we’ve been working on our own iPhone applications for more than a year now and we’re sharing the developer tools we use internally.”

Go back to 1989. What if Apple HAD invested in developer tools? What if Apple, instead of Microsoft, had released Visual Basic? What if Apple, instead of Microsoft, had taken the “consumer coolness” that they had in the Apple II line and made it so that a geek working inside some big company could make a business justification to use Macs instead of Windows machines? (Hint: a big part of that is how easy it is to make business applications).

Maybe Apple is happy with its 5% market share, but I doubt it. Steve Jobs is not an idiot.

Watch him open up the iPhone next year. Until then at least Dori Smith should have a job (she’s one of the world’s experts on JavaScript and is out looking).

Or, do you think Apple will keep the iPhone closed and tell developers to pound sand forever?

Steve Jobs is not an idiot.

345 thoughts on “Steve Jobs is not an idiot”

  1. Scott,

    The iPhone uses a hardware decoding solution to play H.264 video in realtime. Flash on Mac OS X uses OpenGL to accelerate drawing. These pose significant challenges to Flash on the iPhone.

    However, both of these issues may be resolved if Flash drawing can be remapped to the iPhone’s implementation of OpenGLES and the playback of Flash video content was restricted to H.264, which Adobe recently added support for in the latest version of the Flash player.

    It’s possible that OpenGLES may not have enough functionality to accelerate the entire Flash drawing API as it is a subset of the full OpenGL standard on Mac OS X. But it seems a safe bet that Flash H.264 playback could be decoded by the iPhone’s hardware decoding chip. The legacy On2 and Sorenson Spark codecs probably couldn’t be accelerated and would likely be unsupported.

    Of course, this doesn’t address the CPU time required to execute ActionScript 3.0 code, interpolate keyframe values, etc.

    And, as you mentioned, licensing is a completely different issue.

  3. If Apple were to partner with Adobe and have Flash installed on both the iPod Touch and iPhone then both companies would need to agree on terms in respect to compete.

    QuickTime vs Flash for video, given the Scobles of today get eyeballs, who wants to retain that format and why is an entire conversation on that topic alone.

    Ecosystem to support the formats, ok both have socket influence and given Final Cut Pro does compete with Adobe CS3 Master Suite for example there is going to be some rules of engagement there that need drafting.

    Finally Adobe AIR vs Safari, as if Apple are going to keep pushing Safari out the door as a proposed Web solution, given Adobe AIR uses a key ingredient of this solution + Flash capabilities. Well this is where it also can get murky.

    I have serious doubts Flash is ever going to make it onto the iPhone / iPod Touch and we haven’t even touched on the OEM pricing for Flash Player (ie assume there is still a price negotiation to be had as will Adobe forgive this possible sale?)

    *shrug* just some random thoughts to throw out there..

  5. Mike wrote: “So, define “next generation” and we can talk.”

    Was my definition not clear enough?

    Mike wrote: “Actually, Tim, I’d say that 1st month sales on a “must have” “fashion accessory” say nothing either way about its success in even the short run. … Ask me again in two months and then we can see if you can predict my words.”

    Q3 2007 sales show the iPhone captured 27% of the US smart phone market and 3% of the overall US cellphone market.

    http://tinyurl.com/39lrju

    This puts the iPhone in second place behind Blackberry and slightly ahead of Windows Mobile. Even though, as you’ve so clearly pointed out, the iPhone doesn’t even support third-party applications. Yet.

  7. Mike wrote: “What do you mean by “next generation”?”

    How about an OS that can run more than 32 processes at a time. Or an OS with a UI and application framework based on a version of WPF?

    Since Microsoft is touting WPF as the next-generation graphics architecture in Vista, we know it will eventually show up in Windows Mobile, but the question is when? However, Windows Mobile isn’t running NT, it’s running CE 5.0.

    While Photon will be based on CE 6.0, Microsoft can’t simply retarget its NT implementation of WPF. Instead, it will need to create a separate implementation for mobile devices (Just as it creates a separate CLR for the XBOX 360 and WM) and a whole new mobile UI to take advantage of it. This isn’t a simple task.

    Mike wrote: “Apple’s mobile platform is still waiting for its 1st Generation (After all, even you admit it isn’t mature enough for an SDK, yet …)”

    Yet the iPhone already supports Core Animation (WPF like, hardware assisted animation used in Leopard), Cocoa application frameworks and runs on the same cross-platform Objective-C runtime and XNU kernel as found in Mac OS X. From an architectural perspective, the iPhone already has a significant advantage. And if the SDK is anything like what we get with Mac OS X, it should have a rich, well-designed API built on an object-oriented foundation that’s been maturing since NeXT STEP in the early 80s.

    Mike wrote: “Its OS was architected for minicomputers doing telecommunications work in the late 1960s.”

    Which is precisely what allows it to scale from hand-held devices, such as the iPhone and iPod Touch, to multi-processor workstations, such as the Mac Pro.

  9. Mike wrote: “Now you think it’s OK to have every process in an always connected device run as root because there isn’t an official SDK so not having an SDK is a good thing…”

    Quite the contrary.

    I’m simply noting another valid reason why Apple would delay the release of an iPhone SDK. This is in contrast to your previous claim that Apple couldn’t release an SDK because it didn’t explicitly pre-announce it.

  11. re: I’m still waiting on details of Microsoft’s next-generation mobile platform, OS and SDK.

    What do you mean by “next generation”?

    Microsoft’s mobile platform is on its 5th Generation

    There has been an SDK and developer tools for every release since it came out

    Its mobile OS was architected for portable devices in the late 1990s

    Apple’s mobile platform is still waiting for its 1st Generation (After all, even you admit it isn’t mature enough for an SDK, yet – kind of feels like a Linux project that’s in a perpetual 0.9.x.x release since they never get it quite clean enough to call it a 1.0)

    There has never been an SDK or developer tools for it and we have no idea what Apple will or won’t allow to ship via their “we’re the only place you can get software” channel.

    Its OS was architected for minicomputers doing telecommunications work in the late 1960s.

    So, define “next generation” and we can talk. It looks to me like Apple has a very, very long way to go.

  13. Now you think it’s OK to have every process in an always connected device run as root because there isn’t an official SDK so not having an SDK is a good thing…

    Yeesh.

  15. I’d also note that – as you repeatedly mentioned – the iPhone will have been without an SDK during the five months it ran everything as root. As such, no debuggers or compilers were provided to create executable code that could run on the phone. This makes it extremely difficult to find and create exploits for the device.

    Only through the unprecedented effort of the worldwide iPhone developer community were third-party debuggers and compilers created for the device.

    And Mike, I’m still waiting on details of Microsoft’s next-generation mobile platform, OS and SDK.

  17. Mike wrote: “Apple has EVERY PROCESS on the iPhone running as root.”

    Don’t deny this at all. However, I do deny your claim that this fact implies Apple just recently figured out running all processes as root was a bad idea. It’s pure speculation on your part.

    Mike wrote: “You claimed Microsoft did this until last year.”

    To which I admitted that, technically, I was incorrect.

    Mike wrote: “Microsoft NEVER did this with any operating system that had different privileges.”

    I do not dispute this.

    However, Microsoft never added the ability to run processes as ‘non-root’ to any of the following versions of Windows.

    Windows 1.0
    Windows 2.0
    Windows 3.0
    Windows 3.1
    Windows 95
    Windows 98
    Windows ME

    Windows 1.0 was shipped in 1985. Windows ME was shipped in 2000. This was a span of 15 years. However, this in no way implies that Microsoft didn’t realize it was a bad idea to effectively run all processes as ‘root.’

    While Microsoft did ship home and enterprise versions of Windows that supported different privilege levels, many users ran as administrator due to lack of a least-privileged security model and legacy Windows architectural issues that had yet to be resolved.

    In 2006, Microsoft released Windows Vista, which added User Account Control, providing support for least-privileged operation, and Data Redirection, which virtualizes the registry and certain parts of the file system to applications requiring elevated privileges to function correctly. These changes, among others, made it significantly more practical for users to run applications as ‘non-root.’

    Now that we’ve cleared that up, do you have any support to back up your original claim? Otherwise, you’re simply speculating. Sound familiar?

    And since the original topic of this thread, an iPhone SDK, is no longer in the realm of speculation, I’ll ask again. Where is Microsoft’s next generation mobile platform, OS and SDK?

  19. No. Once again…

    Apple has EVERY PROCESS on the iPhone running as root.

    You claimed Microsoft did this until last year.

    Microsoft NEVER did this with any operating system that had different privileges.

    Microsoft Xenix NEVER DID
    Microsoft OS/2 NEVER DID
    Microsoft Windows NT NEVER DID
    Microsoft Windows 2000 NEVER DID
    Microsoft Windows XP NEVER DID
    Microsoft Windows Server 2003 NEVER DID
    Microsoft Windows Vista DOESN’T
    Microsoft Windows Server 2008 beta DOESN’T
    Microsoft Windows CE NEVER DID AND DOESN’T

    It’s that simple.

    Now, deal with that and we can change the subject to one you’d rather talk about. But, first, deal with that.

  21. Mike, it seems that you’re not listening.

    I concede that you are correct as to the exact dates. A version of Windows was technically capable of running processes as non-root much earlier than a year ago. I do not deny these facts. However, the exact dates and capabilities I mentioned are not critical to the point I was making and you know it.

    You claimed that the announcement of an iPhone SDK in January somehow proved that “it took Apple five months to figure out running the iPhone as root was bad.” As if it was incompetent.

    My point was, to quote my original post,

    “[In regard to gaps in the ability to run Windows apps as non-root] Of course, we both know there were other considerations in play, such as backwards compatibility, time to market, development resources, etc. Had Microsoft really wanted to make security its number one priority, we could have seen Vista-like account controls much earlier.”

    If you can’t actually run the Windows apps you need to run as non-root (or if it’s extremely inconvenient to do so) the existence of this technical ability is effectually moot. This is like having a car that technically comes with an alarm, but one you can only turn on in specific parking places. In addition, Microsoft was among the developers who released apps that must be run as a user with administrative rights. This clearly illustrates how Microsoft inconsistently implemented security across the entire Windows platform.

    Until the release of Vista, this was a significant issue that existed for significantly more than five months. However, unlike your claim about the iPhone and Apple, I acknowledged from the start that there was more to the situation than just Microsoft “only recently figuring out that running everything as root was bad.”

    Microsoft knew what it was doing and chose to let this issue go unresolved instead of breaking compatibility and making Windows less convenient to use. Claiming Apple was incompetent for taking five months to deal with release schedules and setbacks, as every other OS developer has done in the past, compared to multiple gaps of several years in Windows, is speculation and hypocrisy. This was the point of my original post.

    And it seems a refresher on the original topic of this thread is needed:

    - -

    Mike: Apple can’t release a SDK for the iPhone. Says I’m speculating.

    Scott: Apple has a shipping platform, OS and working private SDK. Apple has in no way explicitly excluded the public release of a native SDK.

    - -

    Scott: Asks where Microsoft’s Next Gen mobile platform, OS and SDK are.

    Mike: Says it’s irrelevant since Apple can’t release an SDK.

    - -

    Apple: Announces public iPhone SDK

    - -

    Mike: Makes a claim that Apple “just recently figured out running the iPhone as root is bad” since it will have run as root for 5 months.

    Scott: Points out that gaps in Windows’ ability to run apps as non-root did not imply Microsoft “just recently figured out running Windows apps as root is bad.” Makes specific claims about these gaps. Notes that now Mike is speculating.

    Scott: Asks again for Microsoft’s next gen Mobile platform, OS and SDK since iPhone SDK is no longer speculation.

    Mike: Says I’m technically wrong about specific gaps.

    Mike: Dodges question on next gen Mobile platform, OS and SDK.

    Scott: Concedes that Mike is technically correct about specific aspects of these gaps, but notes that premise still stands. Points to blog post by Jim Allchin that confirms significant problems running apps as anyone but administrator did exist until recently fixed in Vista.

    Mike: Keeps pointing out that details about the gaps were technically wrong (dates, etc.), which I already acknowledged. Ignores central point.

    Mike: Keeps dodging question about nonexistent next gen Microsoft Windows Mobile platform.

  23. Nope. The thread was my stating how ludicrous it was that Apple shipped the iPhone (iVirus? iTrojan?) with every process running as root with a low-quality, easily broken (as in less than a week after ship) password.

    You said MS did the same thing for a decade.

    I showed they never did.

    You tried to pretend you said something different. (But still wrong)

    I didn’t let you change history.

    You tried to pretend again that what’s clearly readable by scrolling up didn’t happen by acting as though some user apps were the same thing as all processes in the system.

    I called you on rewriting history (and getting the tech wrong again)

    And that’s where we are today…

  25. Mike wrote: “Nope. You said “… it was only within the last year that Windows even had the ability to run specific process as ‘non-root’…””

    To which I replied “You’re right. NT 3.1 was technically capable of running processes as “non-root”. However, as with most Microsoft products, it wasn’t that the technology didn’t exist – the implementation was the problem. NT was targeted at the workstation / enterprise market and it was very impractical for general use.” and clarified my statement.

    Guess you’re still dodging the question.

  27. Nope. You said “… it was only within the last year that Windows even had the ability to run specific process as ‘non-root’…”

    That’s clearly wrong and meant to imply that Windows prior to Vista was as stupidly broken as the iPhone.

    Rewriting history is bad enough. Doing it when the original statement is available by scrolling up the page is just sad.

  29. Mike,

    Again, you’re missing my point (or trying to dodge the issue). Your initial comment was…

    “Yep. Looks like five months is what it took for Apple to realize that running every process on the iPhone as root (Full Administrator Privileges) with a known password was a bad idea”

    I simply pointed out that..

    - At least one version of Windows ran all processes with root privileges for significantly more than five months. This had significant impact on the architecture of Windows, users and third party applications.

    - The ability to run applications as non-root in versions of Windows based on the NT kernel was difficult to impractical in non-enterprise settings for significantly more than five months. This was due to the way security was implemented across the two parallel development paths of Windows (NT and DOS based).

    To be fair, I also pointed out that the fact that either of these situations existed had nothing to do with Microsoft not “realizing that running everything as root was a bad idea.” It was a decision based on convenience, time to market and compatibility vs. security. While I don’t agree with many of the choices that Microsoft made, I can see the rationale behind them.

    Yet, when I outlined several reasonable and logical scenarios as to why Apple would delay shipping a SDK for the iPhone, you dismissed them as utter and complete fiction. Sound familiar?

    Now, it seems that you’re the one who is doing the speculating by assuming Apple was incompetent instead of simply dealing with release schedules and setbacks as every other OS developer has done in the past. Care to back up that claim with any real proof? Otherwise, you’re merely one of the many Microsoft shills and stockholders creating FUD about the iPhone. (For the record, I do not own any Apple stock, although I wish I did)

    And, to return to the original topic of the thread, it appears that Apple has done what you claimed was impossible – shipping an iPhone SDK in January. Apple will have a next generation platform, OS and public SDK based on Core Animation.

    So Mike, I’ll ask again. Where is Microsoft’s next generation platform OS and SDK based on WPF? All I’ve seen from Microsoft was an alpha demo of Silverlight running a sports widget. And, last time I checked, you can’t write a next generation mobile OS using a browser plugin. However, since there isn’t a shipping platform or even an OS that’s been publicly released, nor have there been any official announcements by Microsoft, any information you might have would be purely…. speculation on your part.

    Are you going to dodge the question for a third time?

  31. Oh, yet, to make sure nobody thinks you got this timeline right either…

    You said, “You seem to have forgotten there was nearly a decade of Windows before NT 3.1 where even enterprise users couldn’t buy a Microsoft OS that didn’t run every process as “root.” ”

    The first IBM compatible PC with hardware that supported a protected mode was the Intel 80286 based IBM PC-AT in 1984. The first Microsoft OS for that architecture that supported processes running in different privileges was Microsoft OS/2 1.0 which was out less than 3 years later.

    Less than 3 years is one big stretch of “nearly a decade”.

    Oh, and since you said “nearly a decade of Windows before NT 3.1” let’s look at your nearly a decade for Windows rather than for non-protected mode OSs. Here we do get closer. The gap between Windows 1.0 and Windows NT 3.1 was 7 1/2 years so while it’s technically silly, you’re only exaggerating by 33% rather than 300%.

    Of course, there were virtually no “enterprise users” of Windows prior to 3.0 so that would be more like 3 years and we’re back to 300% exaggeration and Windows 3.1 really was the one that took Windows into corporations so now your “nearly a decade” is 2 years.

    And, to really see how far off you are, since Windows 3.1 was the first Windows that had any real penetration into “Enterprise users” and it shipped 3 years after Microsoft OS/2 1.0 which didn’t run programs as “root”, you’re, what, a negative percentage of exaggeration? An imaginary number? We’ll leave naming it to anybody reading.

    BTW: the first Microsoft OS that supported multiple security modes was Microsoft Xenix which shipped on the Tandy 6000 running on a Motorola 68000 in 1983. (It isn’t that Microsoft didn’t know about Unix, they just realized it was getting long in the tooth even back then)

  33. Scott,

    At least you could do your homework.

    Just because you had applications that had to run at a higher level (Most likely Power User and not Administrator) in Windows NT 3.1 did NOT mean that every process ran with full privileges. The OS processes themselves ran in lots of other levels. It isn’t as though somebody at Microsoft was so incompetent as to think that every item in the entire machine has to run as root. (unlike, apparently, every single person connected with the iPhone from the lowest level to Steve Jobs)

    As to security being a trade-off with convenience. Of course it is. When I’ve taught security it’s always a part of the opening lecture. When I’ve done security planning for production products that’s always been the trade-off.

    It’s kind of like comparing the security requirements for a 1980s PC which connected for a few hours a week to dial-up proprietary bulletin board systems over a 9600 baud modem and a 2007 device designed to have a permanent (relatively) high-speed connection to the Internet. Interestingly, Apple thought the latter could get away with being even less secure than the 1980s dial-up PC. Mind-boggling. Just mind-boggling.

    As for your attempt at a history lesson, I was there at the dawn of the Third Age of PCs…

    In 1988, Microsoft and had shipped OS/2 1.0 (and 1.1 late that Fall) and Gordon Letwin and his team at Microsoft were working on OS/2 2.x with IBM’s teams in Boca Raton, Florida and Hursley in the UK with IBM’s requirement that it had to run on the 80286 architecture and not use the 386 because IBM didn’t want PCs to cannibalize the System/36 market. Apple was releasing Macintosh System 6.0 and later that year, releasing 6.0.1 and 6.0.2. DEC had Dave Cutler and his team at the DECWest lab in Bellevue, Washington working on Prism until DEC cancelled Prism in the Fall. At that point, he took his team the 3/4 of a mile from DECWest to Microsoft Main Campus to work on the next generation of IBM/Microsoft software. Now, in 1989, IBM and Microsoft started feuding over supporting the 80386 architecture in OS/2 and they agreed that IBM would take over the 80286 specific OS/2 2.0 and Microsoft would start on OS/2 3.0.

    Should you like to actually learn how a modern operating system (Like OS/2 or Windows NT) I’d suggest reading Gordon Letwin’s Inside OS/2 and Helen Custer’s Inside Windows NT. Both are excellent and available used.

    Perhaps you can give us a little history lesson on Gershwin? Or Copland? Or Apple’s wonderful success working with IBM on Taligent and Kaleida or CHRP or PREP? (Ask anybody who worked in that “joint venture” whether a PC can have a parallel port some time. It’s an amusing story of idiocy.)

    As for the rest, again, you seem to confuse Windows NT with Windows. That’s kind of like my saying OS X doesn’t support color because Macs in the 1980s didn’t.

  35. Mike,

    You’re right. NT 3.1 was technically capable of running processes as “non-root”. However, as with most Microsoft products, it wasn’t that the technology didn’t exist – the implementation was the problem. NT was targeted at the workstation / enterprise market and it was very impractical for general use.

    For example, since Mac OS 7 lacked preemptive multitasking and protected memory at the time, I used NT 3.1 – Win 2K as my primary desktop OS until 2003. However, I found it very painfully difficult to run NT as non-administrator since it conflicted with how security was implemented across the entire Windows platform. (I simply refused to run 9x. While NT shared its poorly designed UI with 3.1/9x, at least it was more secure, stable and didn’t become corrupt nearly as often)

    Many third-party applications (and even some apps from Microsoft) assumed that the end user had full administrative privileges. These apps simply wouldn’t run correctly unless you were logged in as admin. Microsoft’s “solution” was to develop two parallel distributions: NT and 9x, with the promise of eventually merging them into one.

    Again, these issues remained not because Microsoft simply “hadn’t figured out it was bad yet”, it was a choice of convenience, time to market and compatibility vs. security. Microsoft’s own Jim Allchin paints a clear picture of the situation here…

    http://windowsvistablog.com/blogs/windowsvista/archive/2007/01/23/security-features-vs-convenience.aspx

    With the addition of features such as UAC, integrity levels, session 0 isolation, UIPI and data redirection in Vista, only recently has Microsoft created an OS where it’s truly practical for non-enterprise users to run under a non-administrator account – but at the expense of compatibility.

    Mike wrote: “1993 – you know, back when Apple was touting the benefits of Macintosh OS 7.1 while working on Copland, Gershwin and (With IBM, Taligent “Pink”), all of which failed when Apple realized they didn’t have the skills needed to architect a modern operating system.”

    Sounds a lot like 1988. You know, when Microsoft was hyping Windows 3.0 while working on OS/2 1.0, which was effectively stillborn. Microsoft realized they didn’t have the skills to architect a modern operating system, so it hired David Cutler and a small army of developers from Digital to re-implement VMS in C as a host for Win32. And, of course, let’s not forget Microsoft’s own unsuccessful venture to build a modern OS with IBM : OS/2 2.0.

    Mike wrote: “There has NEVER been a Windows NT based OS that ran every process as the equivalent of root”

    You seem to have forgotten there was nearly a decade of Windows before NT 3.1 where even enterprise users couldn’t buy a Microsoft OS that didn’t run every process as “root.” This decade had a huge impact on the entire Windows architecture, Windows application development and end user expectations. Having performed tech support for several businesses running Windows 3.x, I’m quite familiar with the limitations of these versions as well.

    Mike wrote: “(Oh, just to get the timeline right, Apple didn’t succeed in getting an OS out the door with ANY security model until 2001 – eight years after Windows NT set a bar that Apple still hasn’t reached)”

    So then why do we see armies of zombie Windows PCs sending spam and DoS attacks? Again, because most XP users found it impossible or very impractical to run as a non-administrator account.

    P.S. Still looking for signs of Microsoft’s next-generation, Windows Mobile platform, OS and SDK.

  37. Thirteen Years.

    Thirteen Years?

    I could understand you being off by a year or two but you’ve actually got the timeline off by THIRTEEN YEARS.

    The Windows NT family (Which includes Windows XP and Windows Vista) has been around since July 1993 – not “last year”, not even 2001 (when Windows XP became the first NT architecture OS to become the dominant OS in the world) but 1993.

    1993 – you know, back when Apple was touting the benefits of Macintosh OS 7.1 while working on Copland, Gershwin and (With IBM, Taligent “Pink”), all of which failed when Apple realized they didn’t have the skills needed to architect a modern operating system.

    Since 1993 Microsoft has been selling an operating system to the public that was certified by the NSA as meeting their Trusted Computer System criteria at level C2. (No Apple product ever met their tests and, aside from the Windows NT core OS, only a very few specialized “Hardened” OS products designed for the military and intelligence agencies have been at the C or higher level)

    All the Windows NT family operating systems ever built have processes running in various levels and as part of being a C level product architected at the B level, it isn’t even possible to have an object that doesn’t have a full set of ACEs and ACLs. There has NEVER been a Windows NT based OS that ran every process as the equivalent of root. (The Windows security model is MUCH more sophisticated and granular than typical Unix designs so there really isn’t such a crude concept as a “root” user)

    On top of that, Active Directory, COM+ and .NET added additional granularity and manageability to the security model including .NET’s evidence based object security model.

    (Oh, just to get the timeline right, Apple didn’t succeed in getting an OS out the door with ANY security model until 2001 – eight years after Windows NT set a bar that Apple still hasn’t reached)

  39. Mike,

    Since it was only within the last year that Windows even had the ability to run specific process as ‘non-root’, are you implying that it took Microsoft over a decade to “realize running every process as root” was a bad idea?

    Of course, we both know there were other considerations in play, such as backwards compatibility, time to market, development resources, etc. Had Microsoft really wanted to make security its number one priority, we could have seen Vista-like account controls much earlier.

    (Instead, Microsoft helped create a massive network of zombie PCs that are used to send spam and perform denial of service attacks. Gee thanks!)

    The iPhone is based on Mac OS X and dependent on Leopard technology, such as Core Animation. Since Leopard was delayed by six months, I wouldn’t at all be surprised if iPhone v1.0 was a contingency / temporary solution until OS X 10.5 shipped and the real v1.0 was complete. Of course that’s just speculation.

    On the other hand, we no longer have to speculate on a third-party iPhone SDK since Apple has done the “impossible.” Apple has a next generation device, OS *and* SDK.

    So, the question remains: where’s Microsoft’s next-generation, Windows Mobile platform, OS and SDK?

    Still haven’t seen any indication Windows Mobile will gain WPF-like functionality beyond unofficial demos of Silverlight. And, last time I checked, it’s rather difficult to write a next generation mobile phone OS using a browser plugin.
