Re: king of foo
> "But surely MS do something fundamentally wrong when it comes to security?"
There are many things that Microsoft _designed_ into Windows that led directly to security problems. Some of these have been fixed, but many are just papered over by popping up a 'yes/no' dialog that then turns the blame onto the user.
* Inserting a Floppy, CD or USB drive executes code on that device with no further user action. (mostly fixed now)
* Opening an email, or in some cases merely selecting it so it can be deleted, can cause attachments to be opened. For certain types of attachment this will cause code inside it to be executed - by design, such as Office macros, - or by flaws such as image handling.
* File 'types' are hidden by default so that 'knickers.jpeg.exe appears to be an image that the user can safely click on.
* Any file that is .exe is executable. A file that is downloaded does not need anything else other that it be a (hidden) .exe to be run.
* ActiveX. No more need be said.
* Users running as admin.
Other systems don't have these designed in security failures.