No Defense Against Windows Rootkits?
An anonymous reader writes "Spyware bad guys (and also phishing people) started using rootkit technology to stay hidden in a system. The problem is that at the moment the technology to defend a Windows system from these things is very poor. In fact antivirus companies have just started adding basic anti-rootkit technology. So the problem is serious, and well outlined by this question: Is the closed source code of Windows preventing us from actively defending our systems?"
Microsoft has this too. While I agree with the argument that 'openness' is better for security patches, that's not a good argument.
---- Booth was a patriot ----
Is the closed source code of Windows preventing us from actively defending our systems?
No, it has nothing to do with source code, it has everything to do with people being morons who can't secure a Windows system. It's really not that hard, folks, pick up a book. Do you know how to secure a *nix box? You're halfway there! You use the same damn methodologies. God, why is this so hard for people to get? And people wonder why they're shipping IT jobs overseas. Let's see, we can get incompetent people for $30/hour, or incompetent people for $30/day. Hmmmmm...tough decision.
Which is more painful? Going to work or gouging your eye out with a spoon? Find out!
http://www.workorspoon.com
That design being?
Windows leads by a huge margin ON THE DESKTOP. On the server side the disparity, if one exists, is a completely different story.
On the server-side - and particularly the non-Windows server side - the single biggest vulnerability and attack vector - the user(s) - have a substantially different profile.
Also, since there are many open source versions of Unix, such as Linux, *BSD, and Solaris, some of which have been available for more than a decade, it should have been relatively easy for Windows-loving, Unix-hating programmers to have designed the Unix-slaying, self-propagating daemon years ago. To date, the only thing that has come close was the Morris worm way back in the late '80s.
Sure, if you ignore the long, glorious history of unix exploits (BIND, Sendmail - I'm looking at you), that's true.
Not to mention the significant factor the user demographic plays in the equation. A seasoned unix user is inherently less vulnerable than the average desktop Windows PC user.
This is before even getting to the simple fact that unix has had 20 years more to harden itself from attackers.
If Windows represents a bigger target, it SUPPOSEDLY has the "advantage" of being closed-source but the open source Unices, which are fewer in number SHOULD be an easier target.
Targets are not only chosen because they're easy, but also because they're useful.
It's time to focus on what the true flaws of each platform are - their relative prevalence is no longer relevant to the discussion ( aka flamefest ).
Their relative prevalence is fundamental to the discussion - not only from a simple statistical perspective, but also because of the other factors that correlate with prevalence. To say platform prevalence is irrelevant ignores not only common sense, but mathematical fact.
Stop downloading pirated software and you will have done virtually everything you need to do to actively defend your computer from root kits!
Look at my .sig. Some cockroach, who fancies himself a site 'moderator', climbed out of his hole and shut me down for 4 weeks because he thought I got downmodded too often.
Maybe you're just a bona fide idiot?