I don't think comparing registry with config file of firefox is wrong... yes it is a self contained application but in a way even OS is a self contained application.. it is just meant to do bigger and riskier things.. it's like the difference in the gravity of a mistake committed by a clerk and the CEO of a company... since firefox is meant to work at the application level, it just cannot put the system at risk.. on the other hand an OS is supposed to have configuration settings of a hell lot of riskier things.. so obviously it will become a security risk..
It is wrong in the sense that I said all OSes should move towards self contained Applications. Firefox is a shining example of what I am talking about.
You see but since windows has ridiculous permissions and doesn't require authentication for a process to access the kernel, you can get something from browsing with firefox, then it once it is on your system it has carte blanche to do whatever it damn pleases. Go back and see my comments on kernel hooks (LOL if that was this thread even, I can't remember).
The same could be said about the firefox config as well.. the firefox developers don't warn for nothing when they say that changes to the config of firefox can bring down firefox itself.
No developer does, they release notes after you update to notify you of changes, and sometimes on occasion you can read that file on their website before you download, but not always the case. Both Microsoft and Apple put all major update release notes on their web sites.
But I agree with you that registry is not a good way to implement an OS coz basically it IS a security threat. I don't understand how UNIX/MAC go about doing it w/o using something like registry. And why can't windows implement that way..?
It is simple really. In the 90s Microsoft pushed the envelope on technology. Their OS was doing a lot of things no other OSes could, and they were stealing ideas from every one and implementing those in their OS. Then marketing it the right way (doing smart business) made their product the most widely used. Other companies made poor decisions and did not compete like MS did, and it basically made Microsoft the king of software. Even though it was never the best or better product, but that is a whole other debate.
They developed the registry to allow quick access to developers to write applications in a fast, but sloppy manner. Allowing them access to resources normally something bad should not have access to. This allows a crap ton of third party support for Microsoft, and it is part of the greater scheme that made them so rich and powerful in the software world. However, now that technology is catching up with them, they are starting for the first time to lose market share a bit. Novell, lost a ton to MS, but is now starting to gain a bit of ground with SuSe Enterprise Linux desktops and servers, and of course RedHat is catching on as well. Then you have the Mac, which has doubled their market share in the last 2 years and has out sold PC laptops for many months in the last two years.
There is a market shift that is starting to happen and technology is changing, and once everything becomes web based the OS will really only need to be very simple.
Long story short, MS created the registry as a quick and dirty way to give developers tools to make robust applications. The downside is, it creates bloat, and of course is a huge security risk, and actually cuts down on stability.