[This is no better than the virus-protection issues. A company creates an operating system susceptible to viral attack. I'm expected to purchase third-party products to protect me from the underlying design and coding issues that allow the attacks in the first place.]

A builder constructs a house, and its your responsibility to protect it from intruders, termites, fire, etc...

An operating system vendor, just like a house builder, does-not/cannot guarantee that its product will shield you from the evils of the world.

So the responsibility is yours.

It is not about software, it is about freedom. Places no one goes do not have anyone build roads to them. Self protection of most automobile is seldom a high priority to most passengers until valuables are carried on board.

(Not to express any disagreement with Roy, but to simply be the "Devil's Advocate")...

What if the (newly-built) "house" has:
1) a "faulty roof"?
2) a "cracked foundation"?
3) no glass in any/all of the windows?
4) (put your own in here)

And, what if the "builder" offered to fix the problem for more money?

I think this analogy may be more along the line the OP was following, though. And it may not just apply to MS Windows et al.

For instance, ISPs take your money and promise you all kinds of services and benefits. Though you get your mail and connectivity via THEIR servers, they claim no responsibility for undesirable traffic that makes it to your computer. And, they usually offer to "help fix" some of that - at an additional price.

What's more, you get a considerable amount of spam directly from your own ISP. Promotional e-mail, banners included with their "free" softwares, "reminders" about their products in your e-bill, and even throughout a "customer service" e-mail (or phone) exchange.

As far as OS "flaws" go, you can't argue that the final responsibility of covering them lies with the user. A conscious decision was made to install and run the OS, and if the user wants to continue to do so he/she must do what is necessary to protect the system, using what is available. If you live in the real world, you know how foolish it would be to operate any differently, regardless of who you think is "responsible" for your vulnerabilities.

Having said that, there's no doubt in my mind that MS (for instance) is motivated by different factors than the needs/wants of its OS users. I believe the "bottom line" rules out over "quality checking" when it comes to releasing a new OS, or any softwares that are designed to run on it. More could be done to "nail down" the system, before launching the product.

In their defence, companies do put out the necessary patches, when they have them, and don't charge for them. In one sense, that may be an acceptance of responsibility (for the flaw) on their part. But, you have to admit this whole "updating" process is a real pain in the ass, particularly if you want to dump and reload your operating system fresh.

The whole thing just makes it necessary for ALL users to become more computer savvy. Personally, I don't think that's a bad thing. If "everyone" is going to connect to the Internet, then everyone should know what the hell they're doing when they are.

The trouble is, too many out there view their computer as "just another appliance", and don't see why they need to expand their knowledge in its regard.

That's OK for such people, as long as they don't plug in that ethernet cable!

Personally, I wouldn't want my ISP to filter my mail for spam. After all, where would the responsibility lie if they were to inadvertently filter out some legitimate mail?

Spam is simply going to get worse, unthinkably worse, as long as it doesn't cost anything to send it. When it's a dollar a message to transmit, it will shrivel up into something manageable. It's not the way I want it to be, but I'm afraid nothing else will work. As long as it's cheaper for businesses to send email than it is for them to devote growing amount of resources to stopping incoming spam, they will accept pay-per-mail. Free email is going to go the way of unlocked front doors. Nice while it lasted, but no longer an option.

You are absolutely right. Dave, your posting is what I call Andy Rooney's quality. Andy is one of my heroes!

Expanding on rich's comment, why does it even need to be $1/email? I would think that 1¢/email would significantly eat into the profit marins of would-be spammers without hitting the wallet of an average user too hard. This cost *might* be significant for companies, but it would be interesting to see if it would be offset by decreased costs in network bandwidth and/or third-party spam filters.

On the flip-side, being victimized by email-propagating worms/viruses might hurt that much more.

A dollar a message? A fraction of a cent per message would get rid of most spam.

[An operating system vendor, just like a house builder, does-not/cannot guarantee that its product will shield you from the evils of the world.]

I hope I'm not being too contentious by being more specific here -- the *only* OS which requires additional anti-virus protection is Windows.

Mac OS, Linux, Unix, MS-DOS, etc. do not suffer from viruses to anything like the degree to which Windows does.

As a chap with a MS in CS, I can say with a little bit of authority that this is due to poor design and engineering on Microsoft's part.

i could live with the housebuilder scenario if the shoddy builder didn't have a corner on the market. as it stands, the vast majority of all house furnishings made are made for this builder's style of house, plain and simple. either i have to do without common facilities (even the plumbing of standards is compromised!), or i have to live with their crappy (pardon the pun) product. (i have to reboot xp every few days, to clear away some malfunction in windows explorer or some other essential system service; fortunately i can suspend my linux VM and resume where it was after reboot.)

ms windows is horribly flaky due to the expedient of not restricting third party drivers from privileged kernel space, because ms wanted the performance advantage at the expense of reliability and security. simple enough. they have continuously cemented their lead by undermining competitive efforts in any way they could find, pervasively doing their best to hamstring innovation unless they could put their exclusive brand on it, and working around the fundamental flaws in progressively more baroque, labor-intensive ways.

a business that succeeded due to its exquisitely cutthroat practices rather than its technical merits leaves us users as screwed as its competitors. please pardon my vitriol - i'm frustrated, and see mild objections to the situation as a kind of habituated, no-recourse tolerance to a pervasively bad situation. (i'm less generous in my assessment when it's governments that are doing the tolerating.)

ken

@Haydn
[I hope I'm not being too contentious by being more specific here -- the *only* OS which requires additional anti-virus protection is Windows.]

Yes... I'm not debating whether the house-builder cuts corners and uses shoddy workmanship that leads to an infestation of trojan termites. ;-)

Windows could, in fact, be a piece of junk with gaping security holes, but my argument is that its not MS's responsibility, and theres no guarantee made on their part regarding workmanship. Consider it as a house thats sold "as-is".

The OP did also point out an important point - If MS moved to bundle spyware and/or anti-virus tools, what happens to 3rd party vendors? Another anti-trust lawsuit?

roy russo wrote:

> Windows could, in fact, be a piece of junk with
> gaping security holes, but my argument is that its
> not MS's responsibility, and theres no guarantee
> made on their part regarding workmanship. Consider
> it as a house thats sold "as-is".

i could live with this "market decides" argument if the market were well tended. that's not the case, here, and the worst kind of distortion of choice is occurring. you're "free" to choose better operating systems if you're willing to forego many useful and often some essential operating resources - interoperation and business software, entertainment, whatever.

the alternatives are so superior that increasingly many are doing just that, despite an outrageously entrenched market environment and continuing cutthroat practices by the 800 lb gorilla. the migration is obvious, but it's slow - on the order of generations - mostly because of cutthroat opportunistic practices by those behind the entrenchment.

i would look at the "responsibility" ms has for their os security more like builder's responsibility not to use shoddy construction techniques, or include toxic materials. construction standards are a well accepted necessity in the building trades. virus susceptibility seems to me quite like unsafe building practices - for those of us that have lost time and, even worse, precious work, the pain is pretty real. that a dominant company is trying to prevent communities from providing alternative products *any way it can get away with* has caused a lot of harm. i don't think any honest party has any doubt about the responsibility, it's just a question of the political will to do something about it.

(securing email is a thornier call. there are simplish technical solutions which fail in the face of legacy and/or privacy issues. market-based solutions, like micropayments, bring in a whole host of playing-field changes that are hard to level.)