Running Win10 after end of life

techlists at phpcoderusa.com techlists at phpcoderusa.com
Sun May 11 17:05:55 MST 2025 

Thanks David!!  I now understand.

You said : "So it’s really surprising to me to hear people on a Linux 
group assert that they “do not undersand how an Apple is less vulnerable 
when not being upgraded”.  In all fairness that was me and I am a PHP 
developer.  I have used and played with Linux since around 98.  I am by 
no means as informed as you.  Most of my focus has been LAMP usage.  
Most recent Ubuntu, Apache, MySQL (MariaDB),  and PHP.

Thank you for this great explanation!!

- Keith

On 2025-05-11 16:22, David Schwartz via PLUG-discuss wrote:
>> On May 11, 2025, at 7:55 AM, Keith Smith via PLUG-discuss 
>> <plug-discuss at lists.phxlinux.org> wrote:
>> 
>> Still do not understand how an Apple is less vulnerable when not being 
>> upgraded.  I know most attacks are om M$ and the Web....
> 
> I have two thoughts on this:
> 
> 1) MacOS is built on Unix, which has been around more than a decade 
> longer than DOS and two decades longer than Windows. And since Windows 
> was built on top of DOS and still has a lot of DOS code at its core, it 
> has the same vulnerabilities that DOS had.
> 
> Unix, on the other hand, was named as a play on words derived from 
> “Unix is not MULTICS” where MULTICS was the most advanced and secure OS 
> ever devised at the time. It was funded by DARPA and built by Honeywell 
> to be a highly-secure platform for use by the military that 
> incorporated security features in both the hardware and the software.
> 
> Unix was built by some guys who wanted to show that you could create a 
> secure OS without the need for specific hardware features.
> 
> That is to say, security is built into the DNA of Unix and all of its 
> derivatives.
> 
> I don’t think anybody gave even the slightest thought to security 
> during the development and evolution of DOS or Windows.
> 
> 2) Windows is a “known danger zone” simply because it’s found on 90% of 
> comptuers world-wide, which makes it a sitting duck for anybody looking 
> to hack into some hardware. If you go to any random IP, you have a 90% 
> chance of it being a Windows machine.
> 
> Even worse, by default, most Windows machines were configured out of 
> the box with most security stuff DISABLED. Non-techie users (probably 
> about 95% of all users) would never turn on these settings, or use 
> complex passwords, or often even change their passwords. Which makes it 
> even easier to break-in to them. That’s why so many machines can be 
> broken into simply by running a script that tests a bunch of known 
> exploits.
> 
> Right out of the box, Unix systems come with security ENABLED. There 
> are layers, and most users don’t know what they are or how to change 
> them anyway, including those trying to break-in.
> 
> When I learned Unix in the mid-80’s, there were files like /etc/passwd 
> and /etc/sudoers that contained user login details in clear-text that 
> was easily accessible. Today there are several levels of indirection 
> needed to access these details, and their contents are partially if not 
> completely encrypted. (I don’t even know where they’re stored today!)
> 
> Back then, I was able to use uucp to connect from one Unix box to 
> another and update the login details on the other box without changing 
> any settings at all. That’s impossible today, and has been for maybe 25 
> years now.
> 
> A version of MacOS from 2010 was far more secure than Windows 10, and 
> still is even without upgrades. Windows has always been like a leaky 
> boat that constantly needs patching. Unix was already pretty damn solid 
> pre-Y2k when everybody was scrambling around trying to fix software 
> they thought would cause the end of the world on 1/1/2000, much of 
> which was built on DOS and early versions of Windows.
> 
> I simply don’t worry about my 10-yo Mac Mini or it’s 8-yo OS because 
> Unix was already damn near bullet-proof in 2000, and I’m not sure how 
> much MORE bulletproof it was fifteen years later in 2015. Windows XP, 
> 7, 8, and 10 were ALL leaky as hell AT THEIR CORE and required constant 
> patches and upgrades.
> 
> To be honest, Apple used Unix on the Lisa, but it wasn't on the 
> original Macintosh. Later they released something called OS9 that I 
> think was Unix, but I’m not sure. When Jobs was fired, he started a 
> company named Next Computer and they adopted BSD Unix as their core OS. 
> It was beefed-up and improved. When Jobs returned to Apple, he required 
> that Apple also purchase Next and all of their IP. That included their 
> OS that was renamed OSX (as in OS10) and replaced OS9. It eventually 
> was installed in all of their hardware and remains today.
> 
> So it’s really surprising to me to hear people on a Linux group assert 
> that they “do not undersand how an Apple is less vulnerable when not 
> being upgraded” — in all of it’s variations and accusations, as if it’s 
> even in the same league as anything MS has EVER released when it comes 
> to security vulnerabilities.
> 
> Unix has **ALWAYS** BEEN LESS VULNERABLE  than both DOS AND WINDOWS!!!  
> With or without upgrades and patches.
> 
> Because security was built into its DNA, right from the start — the 
> designers wanted to build something that was as secure as MULTICS 
> without the hardware.
> 
> Does anybody really think it’s meaningful to compare that with an OS 
> that still has DOS at its core?
> 
> -David Schwartz
> 
> PS: most people don’t know this, but Windows NT was supposed to be 
> Microsoft’s answer to Unix that ran on Intel’s 286 chip in “protected 
> mode”. The 286 architecture itself was designed by a bunch of guys who 
> literally worked on MULTICS at Honeywell for a decade. The protected 
> mode kernal was designed to work hand-in-glove with the 286 chip. It 
> was supposed to be a “mini-MULTICS” machine, but it never came to be.
> 
> The problem was the chip designers made a little tweak to the design 
> AFTER the OS team had signed-off and it was never run by the OS team 
> before it was implemented. So when the first 286 chips started being 
> produced, the OS team got their hands on them and discovered the change 
> because … it BROKE THEIR SECURITY DESIGN! Which is why there was NEVER 
> a single OS released that ran in “protected mode” on the 286. That 
> really screwed both Microsoft as well as IBM who was working on OS/2 
> that was also supposed to run in “protected mode”. Intel’s response 
> was, “We’ll fix that in the 386, but for now you can’t run in 
> 'protected mode’".
> 
> The reason the chip guys made that change was because the 
> context-switch time to go in and out of “protected mode” was so slow 
> that they figured it wouldn’t be used if they couldn’t speed it up. So 
> they tweaked it. But their tweak broke the security. And when the 386 
> came out, benchmarks showed protected mode was indeed too slow to be 
> practical. As a result, it was never used by any OS vendors except some 
> experimental designs that never caught on. I think it was undocumented 
> in the 486 and removed in later versions of the chip.
> 
> 
> 
> 
> 
> ---------------------------------------------------
> PLUG-discuss mailing list: PLUG-discuss at lists.phxlinux.org
> To subscribe, unsubscribe, or to change your mail settings:
> https://lists.phxlinux.org/mailman/listinfo/plug-discuss

More information about the PLUG-discuss mailing list