Image Image Image ImageImage
Creative Services for
Roughly Drafted
Daniel Eran

Image Image

Five Architectural Flaws in Windows Solved In Mac OS X
Flaw 2 - Windows' opaque and illogical file system presentation
Mac OS X applications and files are organized into clear, obvious security contexts.

Apple controls:
- system and support files in /System/Library

Machine administrators control:
- support files in local /Library
- applications in local /Applications
- documents in local / (root directory)

Users control:
- support files in /User/username/Library
- applications are installed in /User/username/Applications
- documents under /User/username/

Apple's convention of bundles, which present a folder and all of its contents as a file, renders individual Mac OS X applications as clean, uncluttered, self contained objects.

In Windows, the user, local and system contexts are muddied. Directories containing applications and settings are considered too confusing and dangerous to even display for users, so when a user tries to browse the file system, they are presented with:

These files are hidden. This folder contains files that keep your system working properly. You should not modify its contents.

Microsoft installs Windows into /WINDOWS, but the directory is mingled with third party additions, the problem that the reserved /System directory solves on Mac OS X.

Most programs install into /Program Files. Microsoft considers this folder too messy, confusing and dangerous to even display for users. Additionally, while Windows has lacked a limitation on file names for years, Windows applications are still a mess of cryptic 8.3 names, so that Internet Explorer is iexplore.exe and Outlook Express is msimn.exe.

Being messy and cryptic is not necessary, it is simply a Windows convention; Apple installs iTunes.exe and QuickTimePlayer.exe for Windows users.

Users have their own folders under /Documents and Settings/username/, but the Application Data and Local Settings folders (the equivalent to Mac OS X's ~/Library ) are both considered too confusing and dangerous to display. This is problematic for users, since that's where their cookies, caches, plug-ins, email and other stuff is saved.

Most of the user, application and machine settings are actually kept in the Windows Registry, which is even more complex and dangerous to allow users to access.

Windows' complexification further results in a file system layout that doesn't make logical sense. The user's desktop is presented as being the root directory, with everything inside it (My Computer, which contains drives; My Documents; etc.), but it's also presented elsewhere at its real location: /Documents and Settings/username/Desktop.

However, once a user navigates to the desktop, they can't go up a level to view their user directory. This results in shortcuts being put in the desktop directory (when viewed from a file browser) that don't necessarily appear on the desktop. What a mess!

It's easy to continue complaining about the illogical, inconsistent behaviors in Windows, but the key point is that Windows' opaque file system not only makes it hard to find things, but it also, more importantly, makes it easy for malicious code to hide things in a way that users can't easily monitor or defend against.


| | Digg

Flaw 3 - 'Least privilege' is impractical and broken


More Journal Entries | More Tech Articles | Get Tech Support | My Resume | Links | Contact RoughlyDrafted

Articles Copyright © 2006 Daniel Eran. All rights reserved.
Suggestions and comments welcome. Contact RoughlyDrafted.

Read more about:
Click one of the links above to display related articles on this page.