Re: Win 2000 any better?

["Gene C." <czar () acm org>]

On Thu, 04 Nov 1999, Mikael Olsson wrote:
> I'd just like to point out a couple of things regarding security
> here...
>
> 1. Win2000 might have more nifty security policies and editors in place,
> but that does not constitute security in and of itself.
>
> 2. Most attacks that we see today have NOTHING to do with setting
> object-based security in operating systems. 
>
> 3. Most attacks today are based on BUGS in the operating systems 
> and applications.
>
> 4. The average programmer goofs up (causes a bug) on average in 
> 1-3 places per 1000 lines of code.
>
> 5. Win2000 introduces some 15 million (more? little less?) lines
> of new code.

I believe that you are underestimating the potential size of the problem. 
Win/NT 4.0 has about 13-15 million lines of code.  From what I have heard,
Win/2000 has about 40 million lines of code (or maybe more).  Furthermore,
according to a book I read (don't remember the title) which analyzed how
Microsoft develops code, Microsoft has a "policy" of rewriting at least 20% of
existing code between major releases.

Given the above, I would estimate that Win/2000 has about 28 million lines of
new code.  Of course the functioning of the remaining 12 millon or so lines of
code could dramatically change as a result of the new code.

Given the size of this monster, I seriously doubt that anyone (inside or
outside of Microsoft) truely understands what is going on.

Additionaly, Microsoft seems to like the idea of small functions which "look
under a rock" to see if a message is for this function and if it is it leaves
another message under a "different rock".  This further complicates the
understanding of just what happens when some event occurs.

Gene

[snip]