Car door locks are wafer locks and can be defeated sometimes with a flathead screwdriver.
Security is about "good enough" though so that's usually sufficient.
Most of the worms of the early 2000s worked by exploiting vulnerabilities that Microsoft had already found, patched, and deployed, but users, including giant businesses just didn't install the patches.
Bonzai Buddy and the days of the toolbar didn't happen because Windows is insecure, it happened because at a fundamental level the only difference between spyware and a perfectly valid and runnable program is intent, and an OS has no insight into the user's mind. When you doubleclick on a desktop icon, Windows cannot know whether you totally intend to send most of your precious data to a sketchy server, or whether you have no idea what you are running.
Microsoft is moving more towards preventing users from running whatever they want.
"The user is god and the OS serves them" and "Never let the user run spyware or malicious code" are mutually exclusive, so be careful what you wish for.
> the only difference between spyware and a perfectly valid and runnable program is intent
This is true if you completely ignore that spyware was impossible to remove without specialized removal apps that were funded by volunteers, not Microsoft.
Telling me that locks are pickable is completely irrelevant and avoids the point I was making.
Most locks are trivially defeatable and easy to force. Heck, there's often a large window right beside a suburban door. Break the glass, open the door. Locks are only there to deter crimes of opportunity and make it more likely you'll actually notice a theft in a timely fashion.
And Microsoft didn't even bother to do that much. Spyware was able to embed itself in any windows installation for a solid decade, just by visiting a website. removing it required at least 30m of updating and installing specialized tools and was well out of reach of the average user.
Because the customer eventually decided it was worth paying for. Emphasis on eventually. It took over 30 years from the first car having optional door locks to locks becoming a standard feature.
> MSFT did nothing to stop spyware for at least a decade.
More like half a decade. The first real instance of spyware was recognized in 1999. Microsoft began working on their anti-spyware software in 2004.
Microsoft bought GeCAD RAV in 2003 with the intent of using that antivirus engine in Windows.
It's also worth pointing out that the 1998 antitrust case against Microsoft is most known as a Browser fight, but it included a heavy hand from Adobe and all of the major Anti-Virus tools of the time. It was seen by many at the time, including Microsoft, that the delivered court decision forbade Microsoft from including PDF software, anti-virus tools, firewalls, and other such software in Windows (and arguably against building some of them at all).
It's somewhat easy to understand why that decision almost made sense in 1998, but real easy to see why it aged very quickly like spoiled milk (including the wide spread of spyware and malware that soon followed).
