Have you ever wondered why there are so many security bugs and viruses on Windows? Let me posit for a moment that it's because people who write software for Windows are swimming in a sea of incomprehensibility. Microsoft often apologizes with "Windows is more flexible than UNIX" when they compare the two. Right, it's more flexible. Of course it is. If by some chance you can actually understand how any of it works.

Wait, what is UNIX?

To be clear, UNIX was originally an operating system developed by AT&T primarily in the 1960s-1970s. Today UNIX is a blueprint for how to create an operating system. There are many operating systems based on the UNIX System in wide spread use. UNIX Systems run a majority of the Internet, for example. The most popular systems are Linux, Apple Mac, and Sun Solaris. These systems are all very similar to each other. You can take a program written for one of them and use it on the others typically without any modifications.

There are generally two ways to do everything in the modern programming world: Microsoft's Way or Everyone Else's Way. Everyone Else generally falls under the umbrella of UNIX. Back in the 1980s Microsoft abandoned UNIX and decided that they would create their own beautiful yet incomprehensible way of doing everything. Everyone else stuck with the UNIX way of doing things. Why? UNIX systems represent everything in a relatively simple and well understood manner which hasn't changed much since hippies roamed the Earth.

Creating a Pipe

Let's take the example of a simple pipe. For the non-programmers out there a pipe is exactly what it sounds like: it's a pipe. To simplify, if you shove the text "Hello over there!" in one end of the pipe it comes out the other end. A pipe enables two separate computer programs to talk to each other.

I think even the non-programmers will see what I mean when I say that UNIX is easier to understand. Here are two examples of the same functionality from Microsoft's UNIX Application Migration Guide

UNIX Pipe

int main()
{
 int res = mkfifo("/tmp/my_fifo", 0777);

 if (res == 0)
     printf("FIFO created\n");
 exit(EXIT_SUCCESS);
}

Windows Pipe

int main()
{
  BOOL fConnected;
  DWORD dwThreadId;
  HANDLE hPipe, hThread;
  LPTSTR lpszPipename = "\\\\.\\pipe\\mynamedpipe";

// The following is an approximation of the mode bits used
// in the UNIX example.  Will suffice until verified. 0777
hPipe = CreateNamedPipe(
        lpszPipename,             // pipe name
        PIPE_ACCESS_DUPLEX,       // read/write access
        PIPE_TYPE_MESSAGE |       // message type pipe
        PIPE_READMODE_MESSAGE |   // message-read mode
        PIPE_WAIT,                // blocking mode
        PIPE_UNLIMITED_INSTANCES, // max. instances
        BUFSIZE,                  // output buffer size
        BUFSIZE,                  // input buffer size
        PIPE_TIMEOUT,             // client time-out
        NULL);                    // no security attribute

  if (hPipe != INVALID_HANDLE_VALUE)
      printf("FIFO created\n");
  exit(EXIT_SUCCESS);
}

Notice how the Windows code needed a million comments to explain what in the world all that nonsense jargon was doing? (Comments are everything after a // in the above code.) The UNIX code was simply "mkfifo", a filename and some easily learnable security bits (0777). Simple enough that it needs no explanation.

Also telling is that Microsoft's UNIX example used 0777. 0777 disables all security allowing anything to access the fifo. This is just stupid. However it is understandable for a Windows programmer to do this out of habit. Windows programming interfaces don't have standardized security methods. Nearly every function has its own unique way of dealing with security. So you can't easily remember how security works in any given situation. So it's just easier to disable security and hope everything works out.

UNIX is a trademark of The Open Group. Linux is a trademark of Linus Torvalds. Mac is a trademark of Apple. Somehow, Windows is a trademark of Microsoft. Trademark is a trademark of trademark. And so on.

Labels: unix, windows