1. 31

  2. 7

    I’ve been using Apple computers my entire life, since I was a child. Our first Mac predated the G3, although I can’t remember the exact model.

    I now have a Purism laptop on the way, and I’m going to try my damnedest to avoid Apple from now on.

    I feel that Apple’s software quality has been getting almost monotonically worse since the mid 2000s. For a while the iPhone was a paragon of simplicity and intuitiveness, but now it’s a buggy complicated mess. It seems like every week I’m sending a new bug report that really should have been caught in QA to my friends at Apple (because good luck getting Apple to address it otherwise).

    Apple’s hardware is still top-notch, but I can’t tolerate the utter garbage they’re running on it.

    I strongly believe that a drastic change in our software development process is required if humanity wants to keep increasing software complexity, but for now just using decent open-source software seems to work OK.

    1. 2

      I wonder if this will cause some upheaval in Apple development and security culture; much like how XP security trash fires and Vista development hell in the early 2000s caused MS to rethink theirs.

      1. 5

        From the outside, just reading what people wrote in public, it sounds like what happened with XP is that the faction inside Microsoft which wanted to spend money on writing secure software did not have much influence at the time it was written and shipped. This is reasonable coming out of the decades of vast fiscal success of OSes like Windows 95 which had essentially no security at all.

        Then CodeRed and Nimda happened and a bunch of articles were published pointing out how, when you attach a fresh out of the box WinXP computer to the internet, it gets taken over by malware before it can even download patches.

        As a result of that, Microsoft’s leadership came to the conclusion that security was becoming an existential threat, so the people in Microsoft who were arguing things like “let’s spend the money it takes to make a safer alternative to strcpy and change all our software to use it instead of strcpy” suddenly got listened to a lot more.

        I’d be really really interested to hear insider perspective on this, especially if it turns out that I got the whole thing totally backwards or something. :)

        1. 14

          I’ll try @calvin. We won’t know the inside story until quite a few books get written by people that retire. As in, the story can’t ruin their existing careers. That’s how MS usually works. ;) What I can tell you is that description may be off based on past things I read. Here are a few to factor in.

          For one, the negative reputation of Microsoft in security got so bad that they hired Steve Lipner from high-assurance security to come fix it. He had previously done OpenVMS’s VMM for DEC with INFOSEC pioneer, Paul Karger. At Microsoft, he watered down the stuff that was in TCSEC for security certification into the Security Development Lifecycle: a process of reviewing security-relevant aspects of systems from design to implementation to maintenance. He was very clear about what Microsoft’s priorities were in deploying it: shipping over security. That’s where the money’s at after all. Even so, the process worked in two big ways: 0-days in Windows kernel dropped so low attackers started digging into everything else; reliability of Windows (esp Server 2003) surpassed Linux in enterprise surveys. Reputation restored.

          For Vista, they also wanted to do some new OS that made fundamental changes to things such as the driver architecture and security model. Good concept but they flopped the implementation. They were so obsessed with monopolistically forcing the release with big sales that they didn’t do the UX and QA work it needed. Their response to negative reaction was quite arrogant. Realistically, they should’ve rolled it out slowly for the hardware and software ecosystem to catch up to changes in fundamental layers. Early numbers showed it was reducing bugs and vulnerabilities for things designed for it, though. The SLAM tool by itself eliminated most blue screens. A presentation also indicated Chrome’s outer sandbox leveraged a bunch of de-privileging features they built in, too.

          With Microsoft, though, more features to get people to upgrade with more lock-in and billions are always the priority. That overriding focus caused the Vista launch to suck, but the security/reliability efforts worked. The fixed, release-worthy version of Vista was called Windows 7: a Windows with more reliability, security and usability than WinXP that took maybe 100MB more RAM in my configuration. It was the best one I ever had. On Linux now cuz screw backdoored versions of Windows like 10.

          I’ve heard from some that the CEO cut back on QA in recent years. Another person just told me MS Research stopped or slowed investment into things like Dafny that were helping them bulletproof code. They might be swinging back to being monopolists. In the past, though, they learned from the best in the security field to do a 180 on their practices, with their reliability exceeding Linux and security acceptable for a mainstream OS. The new focus is an opportunity for security-focused desktops building on Linux or the BSDs.

          1. 1

            Thank you!

            1. 1

              You’re welcome!

          2. 2

            I think @nickpsecurity can tell you this saga, especially with things related to say, formally verified drivers.