Microsoft By Intimidation -
NT's 'Big Brother' Dynamics
By Don Crabb <>
Contributing Editor and Columnist
Of all the reasons to dislike Windows NT (like its unreliability, limited scalability, and general pain-in-the-ass-to-administerability), one of the biggest is its Big Brother orientation.
Unlike UNIX (including Linux) and the Mac OS, which ultimately give control and access of individuals' machines to those individuals, NT is a networked operating system where the SysAdmins are king.
Only recently have users discovered this fact, much to their chagrin, especially in bastions of academic and personal freedom, namely colleges and universities.
One such discoverer has written to Bob LeVitus and yours truly expressing his horror and disgust with NT's intrusiveness:
"I teach at a university in New Zealand which recently upgraded its computers. We Mac folk got iMacs and the Windows users got NT boxes (they had been using Win 95/98). Recently, we discovered something disconcerting about the new NT machines. NT, somewhat like UNIX, allows users to log on remotely to their machines. So what, say the Mac users, we can do much the same using Apple Remote Access or Timbukto. But here's the spooky bit. The NT users can't turn this feature off. The system administrators have an admin password which allows them to log directly onto any of the NT machines on the network. Thus the folks in the faculty office can log into my colleagues' machines, search through their emails, open any document they choose, see what software is installed, even check their Web browsing history. Let me repeat - individual users can't turn this feature off. They can't fully restrict access to the files on their hard disks. In theory they could use encryption software to protect their files, except that they would need the admin password to install the software and for obvious reasons the University isn't giving that out."
"Now I'm sure Windows folks think this is a wonderful feature and, if I was administering a large company with many machines, I guess I would find it useful, but if you look at it from the perspective of individual users it's potentially a very unwelcome 'feature', especially in universities which have long fought to preserve academic freedoms. For lots of people connected to local area networks this sort of 'feature' is going to mean that they have a lot less privacy and thus a lot less freedom than they used to."
The question, then, on this academic's mind, is the same one I have raised before -- what about networked privacy with Mac OS X and Mac OS X Server?:
"Will MacOS X provide the same somewhat dubious feature? I know MacOS X is based on UNIX so presumably it will allow multiple passwords, including a root password, on individual machines. Will there be some way that I sitting at my Mac can disable remote logins (including logins by folks who have the root password) to my machine? If not it seems that MacOS X, like NT, will eventually become a system that is much more popular with administrators than with users."
Mac OS X, and X Server both allow remote logins and are multiuser OSes, being based on NeXTStep/OpenStep and a Mach kernel. But like most UNIX-derived OSes, the Mac OS X family keeps the best interest of individual users in mind. While Mac OS X *could* be configured to automatically allow administrative snooping (if that were a company policy), it is not *required* to be that way.
Which, of course, gives Mac OS X customers more flexibility in configuration than NT allows and another good reason to migrate away from the dark side.