One of the reasons that Microsoft's security is so poor is that they refuse to disaggregate their software into easily maintained modules. They've got what they believe are solid business reasons for that choice, along with a good strong dose of institutional intertia and corporate arrogance.
To see just how tangled Microsoft's software is, here are two diagrams of how "servers" send web pages. The first diagram shows the "system calls" that go into serving up a web page using the free, open-source Apache's web server; think of it as the path a request takes from the time you request a web page until it shows up at your computer's browser. While it looks pretty complicated, the paths are actually fairly clean.
Now take a look at how Microsoft's IIS system treats that same request. It's a tangle of spaghetti that makes the first one look like a walk in the park. And I agree with the blogger who commented that the more tangled the code, the more opportunities for security holes.
Topics: · computing · internet · microsoft · open+source · security
Link to this story · Comment form · Blog Home
To leave a comment, please fill out this form.Comments are closed for this story.
Trackbacks are closed for this story.
