Re: MS, please help me understand
As a developer you should then be aware that it's pretty much impossible to release 100% bug-free code, especially when you're talking about something the size of Windows.
True, but ...
There is such a thing as coding with security in mind. A long time ago Microsoft hired the chief architect of the VMS operating system away from Digital, with the brief to write them a secure kernel to replace Windows 98. The result was Windows NT 3.51. It was the most secure system Microsoft ever had, possibly second only to VMS in terms of excellence.
Being secure meant that graphics performance sucked compared to Windows 98 (where there was basically no security at all). This was a completely inevitable result of securely managing the system's memory on the hardware of the day. So what did Microsoft do? It took this kernel that had been engineered for security, and blew holes in it in order to make the graphics run faster. Enter NT 4.0. Broken by design and orders from the top. Then 2000 (further security compromises), then XP (even more). Eventually what had once been one of the most secure OSes in existence (perhaps behind only VMS) became an unmaintainable kluge. Around XP SP2 they claimed to realise that security mattered and started trying to patch the holes that they had deliberately created in a once-secure design. The result was an unmaintainable kluge.
So they re-wrote it again. Enter Vista ....
You may say that was all a long time ago and you'd be right, except that you'd also be asserting that a system that was deliberately broken security-wise can then be patched back to secure by the people who broke its design.
The evidence all suggests that Microsoft simply does not understand security at all.
And if you think Linux et al. are any different you're very much mistaken.
Different culture. Open-source applications are of variable quality. Some are excellent, some less so.
The Linux kernel is engineered with security in mind and is overseen by Linus. He is very smart, he does not suffer fools gladly, and most importantly he has no marketing department to tell him what he has to compromise (i.e., break) tomorrow, because some touchy-feely focus group of non-technical users thinks it would be a good idea to let it display pink elephants galloping faster.
More generally the Linux ecosystem learns from its mistakes. Things in active development get better. If there is a disagreement one project may fork into two, which then compete until either one branch runs out of supporters, or (occasionally) until both branches have found different niches in the open-source ecology. It's a very similar process to natural evolution. In both cases good designs prosper, poor designs die out.