[Promotion] key features

Martijn Klingens klingens at kde.org
Thu Jan 26 02:20:06 PST 2006 

I agree with Sebas and Quim that we'd better get work done and this thread is 
getting a bit off-topic from that goal, so I'll try to make this my last 
mail.

On Wednesday 25 January 2006 23:44, Santiago Roza wrote:
> On 1/25/06, Martijn Klingens <klingens at kde.org> wrote:
> > Well, if you ignore it the whole promise of security falls apart and
> > turns into a _false_ promise.
>
> i never said we should promise "security" in abstract.  i said "more
> secure"... or "no viruses or spyware" to be more precise.

As I said, "no viruses or spyware" is a thing that won't last. And by the time 
they start to appear (which is by the time we have a market share of 10+%, 
perhaps we need 25%, but eventually they will appear) people will certainly 
remember the claims we made and have them backfire.

Also note that there's a huge difference between what you may be telling 
("more secure") and what the people perceive ("immune to security problems"). 
In practice people tend to interpret security-related statements a lot more 
liberal than what we actually said. And while that is not our fault it is 
certainly our problem, since users will complain or move away again.

> > - we remain small enough to not make our platform attractive for malware
> >    authors to commercially exploit
>
> again, i'm not sure that's the reason (and many others seem to agree with
> me).

The people who agree are generally open source advocates and other people 
deeply involved in free software. Take a look at the SANS website, 
SecurityFocus, or other respectable security-sites and you'll see that the 
security community tends to agree that malware for the free desktops (and for 
Apple, for that matter) *will* appear.

> > However, if you are running Win XP or 2003 with
> > drivers from responsible manufacturers fact of the matter is that the
> > Windows kernel is an impressively stable beast.
>
> depends on what you install... don't give me theoretical scenarios
> with pristine xp boxes please  :)

I am not talking about theoretical scenarios, I am talking about the dozens of 
boxes that we had at my previous job. The XP and Win2k3 boxes never showed 
blue screens (which is my definition of a system crash, application crashes 
are different, harder to prevent, less destructive, and just as common on our 
platform) unless the hardware was broken.

> we're talking about firewall +antivirus +antispyware +buggy webshots
> desktop +buggy download accelerator plus +adware divx codecs +adware
> p2p client +buggy msn messenger 7 +buggy windows media player
> +whatever, including some extra spyware.

:)

I knew this would come up. However, please think about it. None of these are 
part of the core operating system. It is unfair to blame the authors of the 
core OS of the application crashes caused by this. If they were complete 
system lockups, perhaps, since that's the kernel's realm, but if single 
applications crash because of this it is NOT the problem of MS.

Also, if we become bigger we will be facing EXACTLY the same issues. The 
reason people run this software is because it exists and it fulfills a need 
for them. By the time we are big there will be 3rd parties writing similar 
software for our platform. In fact, I would encourage them to do so, since 
the availability of a large amount of 3rd party software is a very potent way 
to make our platform thrive.

In short, this is not a problem of the MS platform, but an inherent result of 
being a big player. Using it as an argument against MS is convenient but 
completely untrue.

Now, as I said I don't think this is the right moment for such an in-depth 
thread. I am willing to continue it off-list, but continuing here seems 
unwise to me.

-- 
Martijn

More information about the promotion mailing list