Arnie wrote:If you are not happy with a Windows clone, which you seem to imply, then by all means go for Linux but do not bother the ReactOS developers who have a different audience.
If I wanted Linux I'd be using Xandros. And I'm already running 2K quite securely. I have an interest in ReactOS because over and over again I've been asked why Windows is so expensive. I want to be able to recommend ReactOS as a
Windows-alternative to people who are familiar with Windows, but can't afford it. I also happen to have an agenda of my own...
ok I need to digress for a moment because I've not made that agenda clear. The average people I deal with daily are afraid of their computers. They are afraid of breaking them with the wrong keystroke, or visiting the wrong web site. They are afraid because they are taught to be afraid. By comparison, I do not want people afraid of their computers. I want my mom or my sister or any of my clients to walk up to a PC, and use it without fear of breaking it.
Right now, I can't do that with Linux and that's because Linux was written by geeks
for geeks. I can't do that with MacOS because Macintosh PCs cost too much and people here are cheap. I can do that with Windows, but only if they're prepared to buy it, and also buy into safer devices and applications. The cheapness factor applies here, too. Only if I can convince a client to spend more money up front can I give them something they're not afraid to break. At the same time, most people I work for are familiar with Windows.
Enter ReactOS. A free alternative to Windows, or at least the potential to be so. It looks like Windows, it feels like Windows and everything you've learned on Windows applies, almost. They're not afraid of it, and it's cheap to use even in 0.3.0 Alpha. So what's missing? Well they're still afraid to break something because there's no security model yet. That's fine, it's still in Alpha after all.
It's here where I hope to influence the security model somewhat, to make ReactOS closer to what I expect from Win2K in terms of less fear. I want to give my Mom a ReactOS PC some day that she won't be afraid of breaking, because it looks like Windows and it's super cheap and it won't let her break it.
Now, to this end, I've posted all of the commentary I've posted so far. Going through 15 user account control prompts to install something, as Reacter's pointed out, is scary. I'd rather see a Run As or something. However, even a Run As feature presents a formidable obstacle to scary, unwanted software. This lessens the fear of the PC, that the user knows the PC's going to stop the user from doing something really stupid.
Run As, for instance, is great for doing one-time admin things while you're in the middle of doing something else. Such as installing an update to World of Warcraft while you're catching up on WoW forums. What I'm reading in UserSecurity is that Run As should get used for running day-to-day programs too, which I disagree with. It will encourage users to use Run As for everything else, or just skip that entirely and just log on to the shell with Admin anyway.
All of the other suggestions to make day-to-day programs work are weaker, security-wise, than Run As would be, and would still eventually drive users to running daily as Admin.
You don't have to sacrifice compatibility for security or vice-versa. The current path of making everything work and then bolting on the security seems silly to me, but if it's tested enough it'll have to do. I'm aware that you can't have both all the time. However, I believe ReactOS should let me choose security over compatibilty just like Windows does.
Now, this may mean that ReactOS security will never really differentiate itself from Windows security, which was my original concern. If so, that's ok; if I can lock down a ReactOS install like I can lock down a 2K install, I'll be happy.
Perhaps this is too much to ask. Maybe secretly, all geeks want average ignorant folks to be afraid of the geek craft that is the PC.