Hi Null Device,

Your post and several others recently have led me to ponder on what is to be expected from an operating system?

I remember the days of DOS, when the OS had no security. You had to rely on the power up password protection in the BIOS.

Windows 2.03 and 3.0 had no protection either, as you booted into DOS first.

Windows 95 had an apparent password, as did 98/98se/Me. These are not true password protections, they are really designed for home systems to allow multiple users to have seperate desktops.

For quite a while NT4 was relatively safe because it did have a security system, and was not well known to virus writers.

I think that the real problems have come with the rise of the internet and the explosion in home computers, most of which are owned by security illiterate people? The speed of connectivity has exacerbated the problem.

What I wonder is just how much is the responsibility for security that of the Operating System Vendor, and how much is that of the purchaser?

Historically, it was always the purchaser who was responsible for running his systems in a secure environment. It seems that opinions have changed somewhat?

I am just not talking about Microsoft, as *nix was spawned in an insecure academic environment, and it is only fair that all OS suppliers are judged equally.

So my question is, to what extent do you think it is the responsibility of the OS provider to guard against some very obscure exploits, that really have nothing to do with the main function of an OS, which must be to stably operate a computer?

I would be interested in your opinion, and that of fellow AOers,

Cheers