[…] Update « Hesitating posts… The urge to clarify… » […]]]>
Yes, very right.
The emphasis of user activity to get hacked is an important hint anyway. In most cases @Windoze, you even don’t need this (user) intervention thnx to ActiveX/RPC non-declared .Net Features or whatever.
The biggest advantage in my opinion is the fact, that Zeta has the opportunity to improve security via their BMessaging model.
On Unix/Clones (FreeBSD, Linux, OS X etc.) or Windows you get security on FS-Level (user rights & profiles) and Process-level (security profiles for processes).
On Zeta’s (and Haiku’s) unique BMessaging feature, any task/process/inode/stream is mangled with BMessaging for processing purposes to obtain Kernel processing time from the I/O scheduler of the Kernel.
If you now screw the Zeta - Kernel further up, parallelly with vital components of the system to secure Zeta even more through BMessaging proofing (_native_ threads/_system_threads/_user-caught_threads/_automated(cron)_threads, etc.), we can get a far higher security as now.
But this is quite theoretical and needs very experienced BeOS developers to put their brains together with well experienced (System & Network) Security Geeks.
But the result would be a _very_ secure OS at the end, without tricky virtualization of the OS in Kernel-Land (read: Windows Vista).