Slashdot Mirror
NYT Security Tip - Choose Non-Microsoft Products
Giorgio Maone writes "The New York Times article 'Tips for Protecting the Home Computer' follows a story we recently discussed about the proliferation of botnets, and contains some statements which may sound quite unusual from mainstream press, especially if targeted to home users: 'Using a non-Windows-based PC may be one defense against these programs, known as malware ... Alternative browsers, like Firefox and Opera, may insulate users ... NoScript, a plug-in utility, can limit the ability of remote programs to run potentially damaging programs on your PC'."
I must admit that initially I was a bit humored by the idea that a New York Times author had a right to caution me about computer usage. But when I looked up his credentials, he seems to be a qualified and experienced tech writer who probably has good advice for the general public. Granted, his last recommendation: "Don't click if someone offers you something too good to be true. It is." worries me that people may be wary of certain open source projects but in the end, I'd agree that I'd tell my sister and friends just not to install anything and to ask me for specific links to programs that solve problems or fill needs.
In the end, it's a very short article and doesn't provide a very comprehensive picture of security for a home user. You may think its news that Mr. Markoff decided to push people away from Microsoft but he's only telling you the facts about the numbers. You won't have as many problems with Linux but there's no way your daughter's iPod will work with iTunes Music Store on your computer anymore. If he wanted to make this a notable article, he should have delved into trade offs and better coverage of issues.
So Markoff doesn't like the benefits of running Microsoft software. So what?
My work here is dung.
The only usable way to control Javascript is site by site, and turning it off by default slashes a whole army of exploits out of your life. Every browser should have this functionality built in.
Does this mean the main stream is finally (slowly) catching on to the reality of choices? It would make my day if the world would wake up and realize that they have options when they sit down in front of a computer.
Funny, where I come from, we call that the "don't use insecure products" solution.
We hear this suggestion all the time, but the reality is that the reason Firefox and Opera are "more secure" is that there are less people using them. Their market share isn't worthwhile to the commercial malware authors.
/GS and /NXCOMPAT.
Every "dot" release of Firefox you'll see 5 more bugs colored red, indicating an exploitable bug. Opera fixes them in secret, but it still has them. All the browsers have security problems, and it's mostly due to the complexity of all the features that have to be supported.
I hope Firefox is at least compiled with
Melissa
"Screw Sun, cross-platform will never work. Let's move on and steal the Java language." - Visual J++ Product Manager
Not use Microsoft? That's unpossible! They must be Mac or Linux users and are completely out of touch because they don't have the problems in the first place.
Seriously, it's good to see the message getting out. Another widely read, "mainstream" source, the BBC, has said the same thing already, like this. Of course, everyone without a vested interest in M$'s welfare has been saying enjoying the same for years. Sooner or later, despite billions of advertising dollars and bullshit studies, people are going to get it and real OS choice will happen. Seeing this in the NYT makes me think this is sooner than later.
Friends don't help friends install M$ junk.
Is probibly the best advice one can ever get.
I hear Steve Ballmer got the news while visiting a chair factory. Remember to duck and cover!
This isn't security through obscurity. Security through obscurity would be saying "I'm safe because I run Windows and it's closed source". This is the claim that uncommon software is more secure because there are less exploits. While untrue mathematically, the reality is that you are still currently less likely to be exploited when running Mac OS X or Linux since script kiddies don't really care about you so much (for the same reason game developers don't, incidentally).
Same is true for biological systems - diversity is a good thing as it is less likely to be infected with a disease. Genetic diversity implies a more robust "operating system" species that's harder to destroy. Remember all the hell around the blaster worm. Imagine that MS, Apple, RedHat, Ubuntu... only had 10% marketshare each... it'd be bad, but not nearly as bad as it was.
If you're talking about a focussed professional attack on a specific system: to be honest, the OS you're running is probably pretty insignificant; the chances are there's a simple admin error somewhere along the line.
NoScript is nice, but it could use a large default whitelist, something like the AdBlock Plus subscription options. It gets pretty tedious to allow every site manually, especially when some only break in subtle ways.
LOAD "SIG",8,1
.... This advice seems sound, the reality is that EVERYTHING is exploitable. OSX for example hasn't got a lot of exploits, but you can be assured that they are coming. FireFox has exploits (or at least bugs that are exploitable) and as their user base increases, exploits will appear. All that using non-M$ products gains you is time until exploits appear in the products you choose.
Perhaps the thinking should change to using products that are reasonably secure (regardless of vendor) and using some common sense? That may be much more effective.
This is my opinion. To make sure you don't steal it, it's covered by the DMCA.
I keep a patched 2003 desktop, and I use Opera for browsing quite nicely. I confine my web surfing to a known list mainly. If I'm really worried, I surf from a copy of Opera running inside a snapshotted VMware instance. Occasionally I get my A/V program deleting an infected file in my Opera cache. I'm sure IE would have allowed a code execute in the same instance. I noticed a recent story that indicated a lack of full disclosure on Opera's part, but I've found it a usable alternative with enough of a niche that it doesn't seem attacked. Plus its a partitioned app, it doesn't have tendrils running everywhere in the OS like IE.
The most secure product EVER is the product that nobody uses. OK, follow the so called "expert's" advice. If everybody follows them, MS will be the most secure in the world.
It's time to realise that Abble's products are the biggest abomination these days. Just say NO to the dumb iAbble way!!
I think it is more the monoculture angle then it is security through obscurity. Any slight change from the default and you may not become a victim.
Bad boys rape our young girls but Violet gives willingly.
May be? MAY be? MAY BE?
<SARCASM>Sure, I have to worry about my Mac getting co-opted into a botnet 24/7, because we all know how many active threats there are to Macs! </SARCASM>
Man, talk about "understating the case."
The honest way to put it is that running Windows is the #1 way to get yourself into trouble. Adware, outright co-opting of your resources, virus problems... Windows boxes are insecure and risky, more so than any other machine, right out of the packaging.
You want security and simplicity of use? Mac isn't just "an" answer, it is the *only* answer. You want security and not too worried about simplicity? Linux or a Mac. You willing to re-work of all Microsoft's incorrect settings, patch all the browser vulnerabilities, play the target role in the hacker version of whack-a-mole, reboot your PC every few days because MS has discovered another severe vulnerability in their spaghetti code? Buy a Windows PC. Endless entertainment for puzzle solvers who don't care about their data security or computer availability. Been there, done that, found the solution, not going back.
I've fallen off your lawn, and I can't get up.
There's only been 9 comments on this story at the time of this writing, and yet the following tags are already up: "flamebait, nytfud, troll". These guys work fast, don't they? What's flamebait, trolling, or FUD about this article? Avoiding Microsoft products is a perfectly prudent move, if you can. Is it untrue to say that Mac and Linux users are safer on the internet than Windows users, or that Opera or Firefox users are safer on the internet than Internet Explorer users? Far from it. It's demonstrable fact.
Viper is the preferred editor of the Emacs operating system.
This is on /. not because of the that info... this is on /. because NYT is writing "MS products sucks ! don't use them.".
Actually, it's more than just "security through obscurity". There are some nasty things that Microsoft products do that tend to get them into trouble (executing '.exe' files, ActiveX, etc) and makes their products more vulnerable.
Also "security through obscurity" is a valid practice, but it is not sufficient for good security. I don't tell strangers my computer's IP address (although, I'm pretty certain it would be useless to them and there are many ways to figure it out). The problem is when people are suckered into thinking that if they can't see something, nobody else can. Obscurity can be pretty effective when defending agains automated attacks too.
Our school installed Deep Freeze and all the virus/malware problems just went away. Basically, users can't install programs. If they try, the programs go away when the computer is rebooted. All the computers reboot themselves at midnight. So, a virus might last a few hours but it's gone the next day. A couple of years ago the network was down for a few days while the IT guys eradicated a virus. Since Deep Freeze there have been no such problems. I'm surprised that more people don't use it.
It's all about diversity! If everyone has the same exact program running under the same exact OS with the same exact security flaw one blackhat can ruin millions of people's day with one little hack. Nature knows how important diversity is, hell, economic systems are supposed to know it too. It's unfortunate that Microsoft continues to be allowed to operate as an illegal monopoly based in the United States.
Haiku for you!
The essentials, with emphasis added:
Botnet programs and other malicious software largely take aim at PCs running the Microsoft Windows operating system, because Windows' ubiquity makes it fertile ground for network-based attacks.
Using a non-Windows-based PC may be one defense against these programs, known as malware; in addition, anti-malware programs and antivirus utilities for the PC are available from several vendors. Windows users should use the Windows Update feature.
Microsoft itself entered the computer-security business last year and now offers a free malware-removal tool for download from its Web site. The company says the program removes about two million pieces of malware each month, of which 200,000, or about 10 percent, are botnet infections.
Like Windows, Microsoft's Internet Explorer browser is also a large, convenient target for code-writing vandals. Alternative browsers, like Firefox and Opera, may insulate users. Microsoft's most recent browser release, Internet Explorer 7, is said to offer significantly improved defenses.
Adding software to your browser like Noscript, a plug-in utility, can limit the ability of remote programs to run potentially damaging programs on your PC.
I'll bet that you have a treasure trove of Ford Pinto's and a bunch of hallogen torche lamps.
It's not the information, which is common knowledge for us. It's more who is giving the information and to whom. It not as if the Pope should stand forward and say that Muhammad might have been an important prophet, but more like his brother in law did it.
Microsoft wants to empower its users, and everyone else, for that matter. Don't you see how convenient it is that MS products execute treat every piece of data they ever come into contact with, no matter where it's from or whether it's a video, sound file, Office document, image-- whatever!-- as an executable? It's just like how you pick up every piece of garbage you see and put it in your mouth because it might be food. That's the taste of Freedom!
Windows XP systems, yes. Not Win9x.
It's been proven that Microsoft has dominated the market not by creating a superior product, but by superior (often times unethical) business practices. Their goal is to do whatever it takes to dominate the market and this is a result of that. The fact of the matter is that many Microsoft products are infact lacking in areas that they didn't need to focus on in order to gain market superiority. Competitors then need to target a different market and create a superior product in order to attempt to compete with Microsoft products. Do OS X and Linux, firefox and Opera seem to have less faults than they actually do because less people use them? Yes. Is that the only reason? No. Don't simply dismiss non-microsoft products based on the fact that they don't control the majority of the market.
Gentlemen, you can't fight in here! This is the War Room. ~President Merkin Muffley
Maybe use a whitelist that's already out there? McAfee SiteAdvisor?
This is on /. not because of the that info... this is on /. because NYT is writing "MS products sucks ! don't use them.".
I realize that, but that's pretty sad right? Looks like we Slashdot submitters/editors/readers are just a bunch of lo-life geeks who go to a news site just to get their daily dose of "haha Microsoft sucks!" finger pointing.
Last time I realized that I stopped reading Slashdot for 7 months. It's about to happen again.
There's such a thing as "too much of Slashdot" even for a hardcore geek I guess.
[using anything but M$] is a steep learning curve, and a lot of people think why bothered [sic].
So M$ shoved IE 7 down their throats as a forced update. Borat voice, "Is nice!" If you want a consistent interface instead of, "change for change's sake" use free software.
Back in the real world, my five year old girl is happy with Firefox. I like that her system does not have to be replaced every two years and that it does not catch porn spam or American Express pop ups. Mepis took me all of 20 minutes to install and it works with all of her favorite PBS toy sites, and many more demanding A/V playthings. I'm sure, in time, she will master other tools and that they will be nice free ones that don't change all the time.
Friends don't help friends install M$ junk.
The first part is simply google for crackers interviews and see what they say. They will always tell you that they go for what is easy. Why? Because a number of them are there to make money and time is money. If the systems were equally easy to attack, then yes, go after the most numerous. But when one has so many easy points, then you persue it rather than the ones that are difficult.
The 2'nd part is compare bank robberies to 7-11 robberies. Back in the 60's, banks were robbed. BWhy? because they were easy and had lots of money. But then in the 70',s the banks took actions and made it difficult. They still had the money, but it became very difficult to rob them. So the robbers turned to convinence stores who had say a thousand dollars (acceptable), and were easy. At first 7/11 ignored it, but then their ppl were being killed. So they made it very hard for robberies to get a thing. Now, banks and 711 are == difficult, so the robbers are back after banks. WHy? Because if you are going to risk it, then go for the big score. Interestingly, the banks now limit how much money is available to the tellers as well as every teller has a loaded stash.
So what does that mean for Windows vs. OSS. While Windows is easy to crack, everybody will hit it. If ever it becomes >= to *nix in terms of security, then *nix will be hit, because overall, there is much more money on the *nix systems. And if *nix and Windows become better than mainframes, then they will turn to there because there is REAL money.
I prefer the "u" in honour as it seems to be missing these days.
Closing unnecessary open ports, turning off javascript, using a firewall, running windows update and keeping your virus definitions current, running some anti-spyware software once in a while, not downloading anything from anywhere of the net and running it on your computer willy nilly, not clicking links in emails from sexylaura123@ebay.securelogin.com or the like that remind you of the great time you had last Saturday and most of all not running in a fucking administrator account will do wonders at securing windows. Frankly I think telling users to do that, rather than tell them to switch to Non-MS software which they often can't and probably won't do anyway is a little more useful.
Reality must take precedence over public relations, for nature cannot be fooled.
The old "security through obscurity" solution rears its head yet again..
Sounds like you bought the popularity lie.
Friends don't help friends install M$ junk.
Well, I'm quite open to everyone about my computer's IP address: it's 127.0.0.1
The Tao of math: The numbers you can count are not the real numbers.
Windows lets you create normal user accounts with limited privileges. The installation requires that you create one administrative account and then as many limited user accounts as you desire. The only incorrect settings are those you ignorantly apply yourself.
How is this different than any other browser (or any other application, for that matter)? All applications have defects, such as Firefox, Quicktime, Opera, and OS X. These defects need to be patched (or perhaps I should assume that you don't patch vulnerabilities in software you use- including those in OS X- because you feel there's no threat).
Are you serious? Every few days? Considering "Patch Tuesday" occurs once a month, you would be required to, at most, reboot your machine once a month. The reboot is only required in certain circumstances because Windows won't let you update a file that's currently in use. *nix systems allow modifications to active files, but active processes still only are able to use the previous version, which can be a nightmare when applying patches. While it's a matter of preference, I know many administrators that would rather reboot a machine to ensure that all processes are using the updated library than being forced to make this determination manually.
This doesn't say much for your technical abilities. I have been highly successful in educating the least knowledgeable computer users (read: home users) in basic security practices. It's quite simple- don't run as an administrator.
once again the solution is to drop everything and either rebuy hardware or hope that linsux supports your current hardware.
whatever happened to simple security solutions that made sense that people could do today without added expense? i've never had a virus/malware. i keep my computers behind a firewalled router (with very little configuration work), i keep them updated and i run AVG.
damn, that was hard.
I use NoScript but my wife found it very annoying that all the sites she wanted to visit would not work without having to allow them first. I don't think recommending it to the average home PC user is very helpful because they will just think that it broke Firefox.
:(){
This is where the animated characters take on faces like donkeys and go "well, DUH!!!!!!!"
On fark, They'd be paging Rick Romero...
I don't know the meaning of the word 'don't' - J
.... probably 80%-90% of the websites I visit REQUIRE me to enable scripting before I can use things like navigation elements, which are a little crucial. Some of the more lame ones (like http://www.channelgo.com.au/) actually successfully load all the content, then it detects I don't have Javascript, and redirects me to a page telling me I need to reenable Javascript!
I like the extra feeling of security I get using NoScript, but I'm pretty close to ditching it because the pain of having to enable and reload every website I visit just to do something like be able to click on an 'about' or 'FAQ' link is too much.
Gotta love Slashdot. The grandparent makes ridiculous claims about the indescribable complexity of the Windows security model and alleges that constant reboots are required, yet is modded Insightful. When someone presents evidence to the contrary, however, that post is modded as Flamebait. Goooooooooooooooooo fanboys!
I confine my web surfing to a known list mainly.
That's just sad. And to think for every person like the poster, there's 1000's who feel the same - who are actually confine themselves to a known list of sites they are not afraid to browse.
For the technically savvy, it's probably a good tip. However, do you expect the same people who constantly get infected with the malware-of-the-day on Windows to be able to properly administer Linux / OSX / BSD / whatever else? They won't lock it down, get security updates, or do anything else. It is possible to operate Windows securely (though it would probably be safer just to forget Internet Explorer even exists). If there are millions of Linux computers out there and nobody is securing them or updating them (as is the current situation with Windows), how long do you think it would take for these scumbags to redirect their efforts? The only real defense is education, but we all know that is totally doomed to failure.
I see you are having reading comprehension problems. Read again. Slowly. You may be able to determine that those are two different statements, with two different sets of requirements.
You know what? I don't have to "educate" users I point at Macs, because Macs work and are secure out of the box. Also, I don't mind in the least being characterized as a fan of systems that work. Don't worry too much about my technical abilities; I've been writing code and designing computer hardware since the early 1970's. One of the consequences of that is I am quite familiar with Windows, *nix, old Apple systems, OSX, and a bunch of earlier operating systems as well. And if there's one constant that's been the same since day one, it is that the less the user needs to know to use the computer safely, the better off they are.
You like Windows? Fine and dandy. I don't. I won't recommend the OS as a primary operating environment any longer under any circumstances. Virtualized in a sandbox, yes - when you need a particular application. Otherwise, no.
I've fallen off your lawn, and I can't get up.
We hear this suggestion all the time, but the reality is that the reason Firefox and Opera are "more secure" is that there are less people using them. Their market share isn't worthwhile to the commercial malware authors.
Why not move to the zero cost option that works better, if that's true?
It's not true, of course. Just three days ago, you might have read this about IE being naked for more than 200 days last year where Firefox was only exploitable for nine days. You might also have read about exploits for Vista being for sale before it's available, while the market share is next to zero.
The next M$ line of defense is to blame the users. Mac, Linux, even Firefox users are "savvy" and M$ users, "the masses" are somehow stupid they will tell you. Somehow, ease of use, means ease of abuse to them. This really just tells you that M$ thinks you are stupid. Mac specifically markets itself to people who are computer phobic and want nothing to do with computers. Oh but now we are back to popularity and it never ends because it's a lie.
Free software is both easy to use and more secure and the two are not exclusive.
Friends don't help friends install M$ junk.
I have dispatched a trojan to your computer, and it is deleting your hard drive as I speak. Wow, my hard drive is certainly working hard. That's funny.
>>This isn't security through obscurity. Security through obscurity would be saying "I'm safe because I run Windows and it's closed source". This is the claim that uncommon software is more secure because there are less exploits. While untrue mathematically, the reality is that you are still currently less likely to be exploited when running Mac OS X or Linux since script kiddies don't really care about you so much (for the same reason game developers don't, incidentally).
I don't agree: I run Gentoo; since every app I run is compiled from source for the processor architecture I am running, some classes of exploits cannot target me because even if they knew which version of a given app I am running, they can't know precisely the layout of the binary because of the personalized compilation flags I use.
It doesn't rule out exploits, but it does make it a bit harder on them.
With Windows, most of the code you have running is the exact same binary for every x86 machine.
I guess that that is a situation where LINUX is making use of "security through obscurity" and Windows is incapable of doing the same.
Ironic, isn't it?
I don't know the meaning of the word 'don't' - J
...when you consider that Linux is compromised more often than any Windows based OS. http://www.zdnet.com.au/news/software/soa/Linux_ha cked_more_often_than_Windows/0,130061733,139116229 ,00.htm
The product is only as secure as its users. If the mainstream Windows userbase switched to Linux, they'd take their bad habits (neglecting security hole patches, installing supposedly-required software to view web pages, logging in as root by default, etc.) with them. Linux would be the new hot target for malware. The same goes for OSX or any other operating system. Sure, there would be fewer holes, assuming that people made sure to apply the appropriate security patches, but we're assuming again that they wouldn't take their bad habits with them again, aren't we?
These are the people who click OK just to get the box to go away. No operating system is going to save them from themselves without removing the luxury of convenience they insist on keeping.
The only usable way to control Javascript is site by site, and turning it off by default slashes a whole army of exploits out of your life. Every browser should have this functionality built in.
Amen to that. I use noscript and I have lost count of how many sites fail completely or outright refuse to load if JS is disabled. The number of sites which degrade gracefully is sadly quite small. If every browser had this, maybe web developers would finally get it through their thick skulls that JavaScript is best utilized to enhance the user's experience. Obviously, there are some exceptions, like AJAX applications and the like. It bugs me so much that I have never developed a site that did not degrade gracefully in the absence of JS. In fact, the only way the user would notice something was different was if they had first seen the site with JS and then later without or vice versa. Some of the worst offenders are the "major" tech companies. Try logging into Yahoo webmail with JS turned off to see what I mean.
It's called "That 70's Show." The 5 1/4 inch floppy disk drive. CP/M. The Apple II. The Commodore Pet. "100 Games in BASIC."
We got to where we are because one hardware platform and one software platform began to attract serious investment and mass market sales--and I am not talking about Apple.
Same is true for biological systems - diversity is a good thing as it is less likely to be infected with a disease. Genetic diversity implies a more robust "operating system" species that's harder to destroy. Remember all the hell around the blaster worm.
Blaster was hell only on those who had left their systems unpatched for months. The storm passed over the naive home user who installed security updates without question.
Diveraity is a good only when it implies something more than a universal weakness.
There have beem many mass extinctions. As for myself, I distrust analogies to biological systems on principle. The social environment in which an OS thrives has its own complexities and rules.
I think your argument of "It's so simple a 5 year old can do it" is flawed for one big reason: The five year old isn't used to using IE.
You must have missed this article
, complete with screen shots about how inconsistent the M$ GUI has become. Just look at this screenshot. I thought the differences between KDE, Gnome and other toolkits was bad but that's way off, M$ has no excuse for the fundamental differences seen in their own tools. Why would you ever throw a new user into that mess? The worst part is how frequently they change the interface, No one else does it more.I'll conclude with
Friends don't help friends install M$ junk.
I don't think this is obfuscation. For the black hatters, it is more like the economics of mining precious metal. If you had several ore loads to choose from, and limited resources to mine them with, you choose the ore load with the richest deposits of gold. It doesn't mean the gold in either deposit is worth any less per ounce, it is just the economy of scale dictates that all other things being equal, you go where the most gold is. Why spend the time and effort to hack an OS that doesn't have 90% of the market share when there is such an OS?
I am sure that if enough people used Linux or OS X or brand X, and it became worth the effort, those OSs would be attacked for more. And Linux et al apps do have flaws that can be exposed (to say they don't would be very arrogant) and are routinely patched (how many megs per yum update if you wait a couple weeks?). And yes I know, in many cases the patching is faster, but the openings are still there, and more will be found if more black hatters start looking as much as they do with MS right now.
And by the way, obfuscation is a useful and valid tool when used with other security precautions. For example, a good firewall set up doesn't just block incoming connections to ports you want closed against port scanning, it will also drop the messages silently so that the sender doesn't have an indication that they actually reached something at that IP address. (TCP/IP allows the option to firewalls et al to tell the sender that the connection was refused. And some firewalls allow you the option to configure this.) A good firewall protects you by actively blocking packets and obscuring your computer. Much better than blocking and letting the sender know it was blocked. In that case the sender would have an IP address it knows for sure has something on the other end to work on. There are likely dozens of good uses of obfuscation (how about not letting others see your PIN when you use the bank machine? Even though you have the only valid card and are taking it with you, you still shouldn't show your PIN).
-- I ignore anonymous replies to my comments and postings.
http://www.mysecureisp.com/
I beg to differ. The product is only as secure as its default settings. Windows XP, pre-SP2 had some very insecure default settings, allowing for these botnets to proliferate. SP2 addresses this issue to some extent, and Vista goes further. You'll find that a lot of compromised machines were hacked because they're running pre-SP2 Windows XP.
We all know what to do, but we don't know how to get re-elected once we have done it
Funny, Opera has the ability to turn off javascript in its quick menu. Lemme check;
F12 -> Enable Javascript (unchecked!)
Yep! Every browser SHOULD have this functionality built in; too bad only Opera does at the moment.
"It's unfortunate that Microsoft continues to be allowed to operate as an illegal monopoly based in the United States."
Microsoft is allowed to act in the way it does because we are not a socialistic hell like the rest of the world. The world leverages the hard work of the US and it's capitalistic ways but yet complains about the very process it takes. Fricking bastards!
Want to see the fruit of socialism, watch France over the next 10-20 years. Go sell some apples from a cart you dumb idiot.
As far as I can tell, the computer science types and the IT types avoid each other like the plague. Also afaict, the computer science types have their own hardware separate from the main network.
Given the above, I don't see what having or not having a computer science department has to do with it.
I beg to differ. The product is only as secure as its default settings. Windows XP, pre-SP2 had some very insecure default settings, allowing for these botnets to proliferate. SP2 addresses this issue to some extent, and Vista goes further. You'll find that a lot of compromised machines were hacked because they're running pre-SP2 Windows XP
Which supports exactly one of the bad habits the parent mentioned:
"If the mainstream Windows userbase switched to Linux, they'd take their bad habits (neglecting security hole patches..."
If it's pre-SP2 then they're not applying the security patches. For most people there's no reason to not be running SP2.
Yes, it is possible to operate Windows securely, unless you don't install and use cycle-sucking anti-malware software, don't watch your step on the internets, and indiscriminately double-click on every attachment that appears in your inbox. Since we can't break non-geeks of any of those bad habits, the logical alternative is for them to use OSes that are less susceptible to the behavior of uninformed users. OS X is the only other mainstream OS, 'mainstream' meaning you can walk into a store and walk out with a computer that is ready to run it out of the box. Thankfully, average computer users are finally starting to get fed up with all of the problems that plague Windows and are buying Macs in droves to avoid them.
And don't tell me that as soon as Macs get popular enough, they'll have the same problems as Windows. BlackICE defender was a software firewall with a user base of around 50,000 installations. When a hole was discovered in the software, someone went out of their way to create a worm that would break into all BlackICE firewalls that could be found on the Internet. They did this "just for fun". For a mere 50,000 installations. OS X has a userbase a hell of a lot larger than 50,000, and there are plenty of Apple haters who would love to make a name for themselves by being the first to create an OS X virus and take all those smug Apple users down a peg. Well, it's been almost six years-- so where's the OS X virus?
I disagree completely.
Windows makes it easy to practice these bad habits... default Administrator login, programs that don't work correctly when run without Admin access, ActiveX, etc. Contrast this with, say, Ubuntu... an excellent Linux distro even for newbies: by default the root account is disabled, when you want to do something system-alterating (e.g. temporarily gain root access), you have to put in your PASSWORD, not just click "Okay". The whole thing is so well-integrated that these password prompts aren't annoying or confusing. The system in general tries to explain to you what you're doing when it's something unusual.
Furthermore, most Linux distros are based on a central software repository which is supported, or at least approved, by the distro's developers. When you install open-source software from this repository, you can have confidence that you're not going to get spyware... and if you're running the stable distribution you can be pretty sure that you're installing software that has been thoroughly debugged as well--as opposed to some IE toolbar crap rushed out the door after a week's dev time.
I also think that Firefox 2.0 is far superior to IE 6 (haven't used 7 yet) in terms of alerting the user to potentially dangerous actions. When you install extensions, Firefox adds a 5-second time delay before you can click on "OK" to force you to actually read those stupid pop-up boxes. It detects suspicious obfuscated URLs, won't run downloaded executables without additional intervention, and checks HTTPS sites that improperly mix secure and non-secure content.
So I *do* think that PC security would improve substantially if the Windows userbase switched en masse to Linux. Granted, there'd be some of the problems with people doing stupid things and not reading warnings, but I don't think it'd just be same-old-same-old...
My bicyles
but I've never had malware attack (trojan, virii, worm, spyware, etc.) that I have not done myself (and I've been using Windows OS computers since 1991). My computer has never been owned or any other stupid idiotic nonsense. Perhaps I know not to open unsolicited emails or go to websites I am not sure of... perhaps its just plain common sense.
In otherwords, my question becomes where the hell do you (you being the individuals who've had these issues) go to get these problems? I want to actually see one for once, because I personally believe that its either a bunch of "bravo sierra" or the users truly have no clue on what to do (or not do) on a computer.
I'm not saying Windows is necessarly better, as for my own personal knowledge, I'm cutting my teeth on Fedora Core 6, and hating positively HATING the fact I've had to do 4 installs (1 initial and 3 re-installs) just to get it up and running, but I'll try it because I always like being fair) but having said that I do not see really any viable alterative software that Linux provides that 1) looks as nice as Windows, 2) operates in a relatively simple manner -- this can be chalked up to my not knowing the system however, and 3) not having to touch the command line or reworking source code. EVER.
In the end while I believe the author is well intentioned, for individuals who just want the computer to work (with a minimal learning curve), Windows is still the champ in that area (even though, some individuals / groups claim it makes it easier for malware authors to operate as well).
Regards,
MBC1977,
Apparently resolving this isn't that simple. Otherwise, ad-aware (not to mention its innumerable brethren) wouldn't be one of the single-most downloaded applications for Windows, now would it? Norton and all the other "security vendors" wouldn't have anything to do either, would they? Do you see tons of users running for adware prevention or virus checkers or third party firewall software on the Mac/OSX the first day they get it? Or later? No - you don't. And why? Because it isn't needed. Those who have opted for the very few programs in those categories on the Mac have been scammed: because there is no such set of problems. Those problems are Windows problems.
And that is why that today, at least, OSX is better for the vast majority of end users. Not because it is better looking, though it certainly is. Not because it is easier to use, though it is that, too. Not because the hardware always works, though it does, and without any fussing around, too. But because it is easy, reliable, and doesn't continually force the user into a state of pissed-off fugue.
It used to be that because some applications were only developed for windows, that the Mac was accurately seen as a poor choice for some based on app availability. Today, with Parallels running exquisite sandboxed virtualizations on totally kick-ass hardware, you can run the serious windows apps you have to and then kill windows, tossing the OS state completely, keeping only user filesystem data and chopping off most Windows security problems at the neck while muttering, "Die, you #$%^er!" There's never been a better time to go OSX and say goodbye to the black hat hacker community.
I've fallen off your lawn, and I can't get up.
Damn what happened to my SMTP service?
This message was brought to you by "Lack of Sleep."
Windows really should have put out a new build of XP before releasing Vista. Just SP2 with a new installer that mimics Windows server 2003. If you've ever installed Windows Server 2003 it can be quite secure. It turns off all inbound connections until you can install patches. It turns off IE so you can't surf anything without explicity telling it you are ready to. Server 2003 was going down the right path, I'm not sure why they never ported some of these basics to a new XP back in 2004. I guess it's too late now.
The last big Windows worm was quite a while ago. They are still alive thanks to the unaware. Windows has a lot of ports open compared to other machines mostly because it was designed to operate in a operate in an Active directory enviornment...and because RPC is overally relied upon. Yes you can get a virus delivered by email, but this is true of any OS where the user is running as root ( admin ( if the os even supports it ) ) and opens up an attachment. Windows users are bombared with viruses that Mac users get and can safely ignore...heck if you tried to run the exe it would just fail. Mail virsuses are getting less and less as well as email providers and spam firewalls are blocking them. A properly written virus ran on Linux or Mac OSx can get thru the protection. Linux and Mac OSx have had plenty of exploits to get a file install things.
While other OSes interact with each other, they don't quite do it with the built in way MS does. This is good for the end user and bad for security. SMB setup has gotten a heck of lot easier on Linux in the last few years, but compared to Windows it'll never be quite as easy. There are products out there like Groupware, but Active Directory is by far the simplest and most useful for setting up a small to massive network. Thousands of companies use it every day to share files and get work done. Install a printer from the active directory isn't super easy, but I ca'tn see a Linux product comparing.
Mac interaction with AD isn't that bad. I wish it had an Active Directory client from the get go, but my Mac users can print, share files, and a few other things okay. Nobody likes to mention that Windows file security is far more advanced then Linux's will be for quite sometime. The ability to permission a file to individual users at varying levels is absolutely crucial. It is a pain for my Mac users to have to remember their NT passwords and visit a NT machine to reset it every once in a while, but it is good enough so they can run Photoshop...with the Mac keyboard.
I won't be suprised to see a mac mode in Vista sometime soon. It wouldn't really be that hard for Windows to stick the file menu up on the top of the screen when a Window takes focus.
The fact of the matter that no ones wants to talk about is MS is becoming fairly secure if installed with it's patches and stuck behind a firewall. This is true of practically all OSes. The big problem MS has it that it doesn't update it's install disks and most of it's vendors don't update their freaking images. If I get a new Dell I would expect not to have to install a single patch that was over two months old, but alas they don't do that for you. Imagie you installed Redhat 3.0 and then put yourself on the network. I'm sure someone out there could right a worm for Redhat 3.0 right? There isn't one port in the default install with a buffer overflow issue? It be an interesting expierement to write worms for older versions of OSs and see how they take. My guess is that there are more Windows 98 boxes running today then RedHat 3.0 boxes ever ran.
The point is OSx or Linux get the marketshare that Windows has you'll see 1000's of older versions of the OS. As it sicks MAC users generally upgrade fast, and Linux users are practically religous about it outside of the server scope. And on the server side it is likely the machines are protected via firewalls.
The browser hole is getting plugged as we speak. Firefox, Opera, and IE are all plugging away. The big issues is that HTML and Javascript t
I "operate Windows securely" without cycle-sucking anti-malware software and usually aren't watching where I'm stepping.
Might be a problem with the users. I don't use an administrator account.
If computer systems were diverse, that means every time I used a computer, it would work and act differently. Software that ran on one system wouldn't work on another, or would work subtly differently.
It would be like dealing with people. The training manual for one doesn't work with another. Drugs made for one don't work the same for everyone. Diversity is a killer, I tell you. Clones all around!
As a long time Linux user I have to say...
Honestly, what does he think he's doing giving people dangerous, top-secret information like this? Alternative operating systems should be kept secret from the standard computer user! The less people that know about Linux the better - that way my computer will not be targeted!
Seriously though, while Linux and Mac OS X are inherently more secure, they have their fair share of (in some cases rather bad) exploits. So recommending this to people seems like it will only ever be useful in the short term. Firefox is a great product, and while I recommend it to most people, I'm very wary when I tell them it is more secure. I'm no expert on the statistics, but it's market share is certainly growing. As more people use it, it becomes a more viable target.
It seems like a paradox to me. It's secure partly because less people use it. Security is desirable, so more people use it. It becomes no longer as secure.
Whilst I love to spread the Tux joy, I very occasionally find myself hoping the software I use never becomes too mainstream - it's a purely selfish desire to have an easy worm-free computer life! It's security through obscurity, but at the moment it's working...
I suppose if there's one thing going for the Windows security model, it's that most people are aware that malware is all to easy to pick up; at least they're aware of the security problem. If people switch to something else and think that they're safe, that attitude may undo any good from them using a more secure system.
"Waiter, waiter! There's Linux on my PC!"
"Quiet sir, or everyone will install it."
If someone visits the wrong website using IE and insufficient anti-virus software, they can quickly become part of a botnet (in large part thanks to ActiveX controls). Visiting the same website in Firefox (even on windows) can be perfectly safe. Even if the webmaster wanted to target Firefox users, the ActiveX controls aren't present for the exploit.
In Windows, if you download a file that ends in .bat, .com, .exe, and a few others, the file is automatically treated as an executable. Recent "fixes" throw up a warning to make sure the user wants to execute the file, but many people will ignore the warning and run something even though they think it's a jpeg. In Linux, something that ends in .jpeg can be an executable, but it's permissions must be set to executable. You can't download something and run it without actively making it executable first.
At this point we'll assume that on either operating system, a trojan has been executed. In Windows, most home users run as the administrative user by default. Most Linux distros I've run into make it difficult to run as root, and make it clear that it is not a good idea. So if a trojan is running in Windows, it has access to the entire computer. It can install device drivers, read any file it wants, write data (or copies of itself) anywhere it wants, and ultimately some viruses require reformatting to eliminate. In Linux, if a user runs a trojan, it can trash the files in their home directory (which certainly isn't good), but it can't install device drivers, effect the data of other users, or make embed itself so deeply in the system that a reformat becomes necessary.
In order to take over a Linux machine you'd have to convince the user to execute the file as root, or find some file the user can write to that root will eventually execute. Yes, this may be doable if you're targeting a specific system and can spend a lot of time trying to find a place to plant the executable, but a script kiddie is going to have a lot harder time taking over a Linux box than a Windows box.
Good point. This weekend's anecdote - you would think a current model Microsoft webcam would install easily on a up to date Microsoft Windows XP - I did and was wrong. Admittedly all it took in the end was a download of another version of directx instead of the one on the CD - but that took several hours on dial up on that computer. Installing stuff really is a puzzle sometimes - I have many examples but things are getting better as a rule.
Most people get somebody else to solve the puzzle for them - so they think the Microsoft software is simple and are blissfully unaware of the registry. What really appalls me is how people have got used to running compromised machines - they trust that whatever crim is putting adware on their machine or using it as a spambot is not getting their financial information from the PC or putting other nasties the current antispyware doesn't know about on there.
I completely agree. If the number of Firefox and IE users were switched, there would probably be a few more Firefox exploits exposed, that doesn't mean Firefox is more secure solely because it's not as common of a web browser, as many people seem to think.
Funny - but when studying history about the rest of the world, it seems that corruption is worldwide. Tell you what, clean up your gov't, tell your country to stop using Windows, and then we will work on things hear in the states. Ok. One other thing, don't ever come here. I know you want to, but you are now officialy not welcome.
Kettle, meet Mr. Pot.
Who else makes a calculator that goes to infinity...or has somebody found the limit yet? If nobody has, then let's set up a "calculator@home" to see if there is one.
What?
I'll pass them along to my parents and my grandmother and her friends. They should have no trouble understanding them until they get to "ports".
In other words, get real. What percentage of general users do you think are capable of doing all the stuff you mention--or maybe ANY of it? Security shouldn't have to be a full-time job. And with a well-designed system, it isn't.
Hmm... according to Secunia...
OS X has 9 unpatched vulnerabilities of 87 listed, plus 1 partial fix. Oldest unpatched is Nov-2006.
Win2K Pro has 24 unpatched vulnerabilities of 145 listed, plus 3 partial fixes. Oldest unpatched is Oct-2002.
WinXP Home has 29 unpatched vulnerabilities of 154 listed, plus 3 partial fixes. Oldest unpatched is Sep-2002.
WinXP Pro has 32 unpatched vulnerabilities of 169 listed, plus 2 partial fixes. Oldest unpatched is Dec-2002.
Linux 2.6.1 kernel has 19 unpatched vulnerabilities of 107 listed, plus 9 partial fixes. Oldest unpatched is May-2004.
My interpretation is that based on these numbers, OS X looks pretty good! Of course, this month of Apple bugs might see the numbers rise somewhat.
Don't you recognize his reasoning? It's not based on facts, it's based on the theory that both programs have bugs, therefore they must be just about as secure as the other.
:]
Never mind the recent story that Firefox was vulnerable to a critical (one where "visit bad web page" == pwn3d), unpatched, published exploit for all of 9 days last year (IE was vulnerable for 9 months). This is called a "vulnerability window" and is an important part of any security assessment attempting to measure how secure bits of software are without having to rely on vendor claims. Obviously, that's too quantifiable for use with such a reasoning process. Then we have to reason about all the exploits that aren't public, as if people can silently exploit computers en masse with private exploits and no one will notice. Sure, if they're not interested in a botnet of random computers, they'll stick to targeting specific people and keep their exploits quiet, but that doesn't really impact the security of the population in general. It's also funny that people have this perception sometimes that they only visit "safe" sites. Even assuming they're not one of the porn viewing public, and that they never install smilies or screen savers (great way to get infected) or other such crap, that ignores that we've seen major advertising networks get compromised and serve up exploits. Not to mention the shady ad networks that do that deliberately...
Ironically, when it comes to open vs. closed source, it's usually argued that open source helps make the vulnerabilities more public, so that puts things even more in Firefox's favor. So to argue that IE is even as secure as Firefox requires you to use ridiculous metrics touted only by PR departments in media releases.
So yes, it's true--Firefox does have bugs. There were even 9 days last year when you could've been 0wn3d by an unpatched exploit (assuming you haven't learned to use the noscript extension). But there's no way to hide the sheer magnitude of the difference: 9 days vs. 9 months. Yeah, they can improve. Maybe they'll even manage to do things a lot better. And maybe you can find a few things to quibble with in that story. But the fact is that Microsoft has a terrible security record. Period. No one else is perfect, sure, but let's call a spade a spade here instead of being distracted by a dirty hoe
The person above has an agenda to push as seen by username and URL and turned the Mac comment into a linux one to push this agenda - as well as an accusation of your incompetance because you expressed a different view. I wouldn't worry about it a great deal - they will get bored and go away eventually if the content looks too technical for them.
- CookieSafe
- Adblock Plus
- Flashblock
- httpOnly
- SafeHistory
- SafeCache
- IDND
- Link Alert
- BlockSite
- Master Password Timeout
- no-referrer0
- NoScript
Other useful support Add-Ons are:- SwitchProxy Tool
- User Agent Switcher
- Adblock Filterset.G Updater
For Linux users, I also have this useful add-on:I don't use an administrator account.
XP still sets up the default account to be an administrator, Few n00bs are going to know to create and use a non-admin account. And even if they do, there is still a shamefully large number of applications that expect to be installed and/or run using an administrator account, and which barf if you try to do either while logged in as a non-admin.
I have tried to run Windows at home as a non-admin, and it was a fucking exercise in frustration that lasted less than a weekend.
Your firewall won't help you at all if you're running an unpatched IE and allowing all outgoing traffic on port 80. The unpatched IE can be exploited, and the malware can connect to its owner though port 80.
I'm a firm believer in the theory that regular users need System Administrators. Maybe home users do too. If I could come up with a business model for a company that provided System Administrator services to home computer users i'd be rich!
If you must!
I've seen a lot of comments sugest the WIndows is easier to target because it has a larger marketshare.
This is a BS argument. Here is one example of a program with larger marketshare but fewer cracks, both attempts and percentage successes:
Apache
IIS
Just because it's a bigger target doesn't mean it's a better target. Windows is a good target because it's big AND because it has a shit-ton of security flaws. You need to be a security expert to properly safeguard Windows, and most people don't have enough security expertise.
Weylin
67.5% Slashdot Pure I guess I need to work on that....
Vista is here and cheap (well at least at night in mexico)...see link
http://www.plocp.com/images/vista_MG_3800.jpg
But what do I know, I've been MS free for 5 years now and still surviving..
As do theregister, theregister, attrition.org, attrition.org, grok.org.uk,
Even mi2g's own research FTA:
Wow. That is a lot of money per Windows box, per year. To do as badly in sum, every linux box on the interweb would pretty much have to commit fusion.
Of course, none of those programs run on OSX or linux.
Well at least they got something right.Don't you MS bloggers have anything better to do? Could you maybe have a look at that virgin Vista IP stack for us? We're a little worried you guys were trolling slashdot and not FIXING THE DAMNED BUGS.
Help stamp out iliturcy.
One other thing, don't ever come here. I know you want to, but you are now officialy not welcome.
/sarcasm
Such a beautiful example of American hospitality... no wonder you guys are so universally loved.
For the record, America still employs many socialist ideals... public schools; public housing; non-private police force; all these things bought to you by socialism. Would propose that these socialist services be abolished in favour of purely private counter-parts?
Yes, I to would love to live in a country with a privatized police force... I would sure feel a "held-to-mothers-bossom" sense of security knowing that it is run, not for the expressed purpose of protecting the populace/enforcement of law, but for the profit of shareholders. No way that could ever be a bad thing... capitalism is _never_ wrong
douche bag
5468652047616D65
It is much less than that.
It is simply a quarter page of filler that can be read in an eye blink.
Turn on Windows Update. Install a program like Windows Defender. Use Firefox or upgrade to IE7.
Both of these views are really valid. Some OS's are still inherently more stable and secure than Windows - Linux and OS X - but the prevalance of Windows users just magnifies the problem. If everyone suddenly made the Mac or Linux switch, would there eventually be malware problems with those operating systems? Sure, nothing's 100% secure, but I would say the targets would be a lot more hardened naturally if the switch were to be made.
how much you want to bet the nyt will have to pay double for their windows licences next time they upgrade.
Windows XP systems, yes. Not Win9x.
A pertinent fact, because it supports the argument that an Operating System's security (from a design and implementation perspective) and its "security record" do not necessarily share a causative relationship.
Wow! What a beautiful argument. Did you think of that all by yourself? No - it was probally your government run schools that taught you that type of thought, how unoriginal.
Your examples are retarded. We also have PRIVATE schools, PRIVATE housing, and yes, there are PRIVATE police forces. However much of the work that is being done in the public side of those is actually outsourced. Thus, we have public schools that has a outsourced sanitation staff, outsourced administrative staff, outsourced legal staff, etc.
Your comprehension of capitalism is skewed. Privitization allows people to keep costs low, thus we outsource much (international and domestic). Our ability to outsource allows much of the rest of the world to keep a high standard of living. Like I said before, lets watch the glorious nation of France sizzle out in the next 10-20 years, let's watch Russia implode, lets watch the middle east continue in their crazy ways...
Now lets see how many of these countries utilize products that were developed in capitalistic countries. Lets see how much your life would change if the US stopped allowing its IP to be sold to King Louis (and his ilk) and took back all of its previously created IP. I wonder how much quicker these countries would travel back to the stone age.
I wonder, how many people are creating businesses in those great socialistic countries? You know businesses that pay TAXES and thus propel your great socialism. Linux is great, but I am curious how many down on their luck people Linux is helping. Whereas, a capitalistic product, Microsoft, generates billions in sales and thus creates a lot of tax, of which feeds the high-unemployed over there.
Oh - maybe I missed your point, is it, "I want everyone else to take care of me, I am entitled to free (fill in the blank)". We already have people like you here already. So - stay out. Personally, I do not care if other countries "like" the US. I do know, that when the chips are down, they will be calling. We'll come in aid, our young will be killed in war, and you will criticize us. However, you will also be gratefull that we are there.
Kiss my ass and stay away from the US. You also are not welcome. However I know your government will be coming with an open hand asking for funds. And I am sure we will give them to you. Then you will default on these and tell us that we are greedy capitalistic bastards. Oh well.
You're quite correct that Firefox has security holes aplenty. Seems like the fix more and more holes each month. But IE is the main target for malware.
Microsoft should take the easy way out and just drop IE and bundle Firefox. Overnight, Firefox would become the prime target. Then it will be put to the test as to just how secure it is. If it is security as its advocates claim, then it's good for everyone, including Microsoft (since they no longer have to worry about browser security, and this scenario would actually eliminate one of the reasons people would have to move to a different OS). But if Firefox isn't all it's cracked up to be (and I don't assume that Firefox devs are any smarter than anyone else, and we *know* that the browser has security problems through empirical evidence of the frequent security patches), then it's still good for Microsoft, as they still don't have to worry about it as it wouldn't be their problem. They would just continue on their merry way while the press bashes Firefox instead of Microsoft.
Microsoft could instead drop IE for Opera; same thing. Except there's every possibility that Opera has more holes than IE and FF put together. Opera's user share is so tiny (Opera's share is ~0.9%) that it hasn't been put to the test at all by the bad guys. There's no way to tell how secure it is or not; it's simply not used enough (and Opera's fixing security flaws in secret doesn't help their credibility regarding their "perfect" security record).
-- "I never gave these stories much credence." - HAL 9000
I installed NoScript and after several weeks of pain and suffering I finally just gave up on it. It broke many sites in completely surprising and evil ways (I know it's the fault of the site owner, but I'm not into Don Quixote wars). The most detrimental effect is that web-shopping is well nigh impossible while NoScript is running, because even if you remember to enable scripts for the parent site, the payment site will have to be enabled separately, and by the time you figure out what the payment site is, it's already too late and your purchase has just gone completely haywire. Usually you could go back to the parent site and figure out what happened, but when real money is at stake I don't want to take any chances.
So IMHO NoScript is an interesting concept but it has impacts that will suprise and mess up even a skilled user and will definitely drive the average computer owner to a blind rage. I think recommending it to the general public will just persuade all those grandmas and grandpas out there who actually try to follow this advice that they need to stick to MS&IE, or else their computers will start behaving funny.
An analysis of hacker attacks on online servers
Please don't compare Windows XP boxes online as servers and Linux boxes online as servers.
The topic is Desktop machines. Care to compare the number of XP boxes and Linux boxes in any Botnet?
The truth shall set you free!
Install a printer from the active directory isn't super easy, but I ca'tn see a Linux product comparing.
Hint, Hawking Tech print server. Install as IPP port. Simple in my SOHO network for both a HP Laser and an Inkjet.
Everyting can print to the printers from the Ubuntu box to the Windows boxes of all flavors from 98, ME, 2K and XP. Only the older verions of Windows that don't support IPP need the driver provided by Hawking.
The truth shall set you free!
Wow! What a beautiful argument.
I know... certainly inspired you, didn't it?
Did you think of that all by yourself? No
You are correct - I didn't think of it all by myself... I formed an opinion by digesting multiple sources of information. You on the other hand (as evidenced by the wording of your reply) are the master-mind behind all subjects relating to economic models. Everyone else, from Smith to Marx, learned from your incredibly informative AC posts, right here on slashdot no less!
it was probally your government run schools that taught you that type of thought, how unoriginal.
I have personal experience of both private and public schools in Australia. I went to both kinds... of course this is anecdotal evidence, but in general I found that I was able to do a great deal less work at private schools and achieve impressive grades than at the public schools. This is simply for the fact that the private schools provided only a fraction of the detail in any given subject area that the public schools did. I can certainly say for a fact, I learned much much more at public schools... on the other hand I would have received even better marks than at the public schools, yet gained less knowledge at the private schools.
Your examples are retarded.
You're entitled to your opinion... but I submit that you are retarded; not just your comments
Your comprehension of capitalism is skewed. Privitization allows people to keep costs low
'People' defined as those who have the money to further increase their wealth, by paying employees (also people) less than the worth of their actual daily output. America's ability to outsource allows corporations to keep costs low... not people.
I wonder, how many people are creating businesses in those great socialistic countries?
A lot. Businesses based around designing, implementing, and maintaining Linux network systems (and of course, the businesses that use said systems). All money saved not buying MS products is usually paid to the local consultant... which means both a stronger local economy AND a bigger tax cut for the government.
Oh - maybe I missed your point, is it, "I want everyone else to take care of me, I am entitled to free (fill in the blank)"
Yeah, you did miss the point. I have no problem paying a bit extra out of my wage in tax, if that means that those in my community who can't properly afford to "take care of" themselves (health,education,housing) aren't driven to criminal acts (potentially against me) in order to be able to do so. In other words, decrease the impact of abject poverty, and the subsequent social problems it causes... what bastardry!
Kiss my ass and stay away from the US. You also are not welcome.
How endearing! I love how you speak the mind of everyone in your country.
scrotum feeder
5468652047616D65
Microsoft isn't "ALLOWED" to act the way it does. It has already been bitch slapped a number of times for breaking antitrust laws. Its actions are ILLEGAL.
Eventually and hopefully soon it will be dragged back into court and ordered to be broken apart into at least three separate companies for its flagrant disregard and violations of the law. (You dumb idiot.)
The race isn't always to the swift... but that's the way to bet!
Their campaign contributions... Cough** Cough**
The race isn't always to the swift... but that's the way to bet!
"Privitization allows people to keep costs low..."
Only until the mega corporation kills all competition. Then the people get raped.
"...thus we outsource much (international and domestic)."
Mostly out of country where the mega corporations can get labor much cheaper. This kills the job market here and drives down wages.
"Our ability to outsource allows much of the rest of the world to keep a high standard of living."
Actually no. We are losing jobs and wages are being driven down to compete. Also there are some of us that don't like mega corporations exploiting cheap labor by paying slave wages to disparate people.
"Now lets see how many of these countries utilize products that were developed in capitalistic countries. Lets see how much your life would change if the US stopped allowing its IP to be sold to King Louis (and his ilk) and took back all of its previously created IP. I wonder how much quicker these countries would travel back to the stone age."
Right. All other people are stupid and couldn't figure things out for themselves. You are an idiot and the remainder of your post is proof.
The race isn't always to the swift... but that's the way to bet!
"Um, they have such a large market share because people *want* Windows.."
Um... no, they have such a market because they know how to play very, very dirty and soon they'll start to pay for it.
The race isn't always to the swift... but that's the way to bet!
My biggest annoyance though on 'limited user' accounts, was always having to create a control panel folder, and create a bunch of shortcuts that run 'control.exe something.cpl', with the 'run as a different user' option enabled in the shortcut properties. Software rarely gave me trouble.
Change is certain; progress is not obligatory.
... just declare Javascript and Flash too insecure, and remove them from the internet altogether (this is a too-hopeful thought, but still, is this not too late to be known?) Obviously we see that now the trend is moving from Microsoft and heading towards other software plugin makers. How many JS bugs/exploits have we found in the past few months? Yea, I thought so. LOADS of them. BAN JAVASCRIPT AND FLASH. MAKE THE NET A SAFER PLACE. PURE HTML and *EDUCATE* the users! FFS if you don't educate these people, stupid shit will continue to happen (I won't go on the tirade about a laptop sent in for repair to my job by Halliburton, where NOTHING was wrong with the laptop, just a spyware infection thanks to IE, the porn-obsessed idiots.)
Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
> Nobody likes to mention that Windows file security is far more advanced then Linux's will be for quite sometime. The ability to permission a file to individual users at varying levels is absolutely crucial.
Apparently you've never used standard POSIX ACLs, which have been in Linux for many years now (this is entirely different from the legacy user-group-other UNIX permissions you're thinking of). ACLs are easily editable from the file properties tab in KDE or GNOME - no need for the command line. SELinux (also standard) lets you do mandatory access control ACLs and auditing if you want that too. It may be true that Windows NT had this support earlier than Linux, but the rest of your statement is false.
it's the second time this week that I stumble on crap open-source source that tries to run 'sudo'
:)) I have found a sudoers file with some thirty users
from 'make install' in the Makefile.
if those people even DARE to do this immensely silly thing (assuming that it will work), this means that
are thousands and thousands of 'linux' idiots where it is the norm to simply prepend 'sudo' to a command
to run it as root.
when searching through google (I was searching for a zip code list in plain text, something that the Post
in my country considers its intelectual property
that could run any command without password. That was the home directory of a senior administrator of a
well-known ISP (1-2 million users).
I wonder whether Firefox's RefreshBlocker add-on would prevent this annoyance? I haven't often run into the problem myself, so I can't say I've tried it.
Show me a modern distro that logs the user in as root by default. I don't even think Linspire are stupid enough to do that these days. Most distros don't even display the root account when the user comes to log in. You have to go out of your way to log in as root these days.
One notable difference is that while there exist only few versions of "Windows", there is no such thing as a standard "Linux".
Any exploit for Linux encounters the same difficulties in being distro-independent as the typical application does.
You never know what services are running, what the exact directory structure is, what tools are available, etc.
The monoculture of Windows makes it more vulnerable to exploits than Linux.
Gee, if you want a Linux that *just works*, try Linux Mint I'm using it right now on a 5 year old IBM netvista, works a treat and easy as piss to use...
Plus supports pretty much everything out of the box.
It's pretty much a distribution that just works and would be ideal for that relative/friend who is sick to death of Windows trojan/virii...
Wherever you go There you are
Whenever I'm unable to purchase something from a web store because their website requires Javascript, I always make it a point to send the sales department or webmaster for that company an email explaining that I was unable to purchase from their website because of the Javascript requirement and/or because their web site is incompatible with my FireFox web browser. I hope everyone else also does this, because although news websites probably don't really care much whether you visit their site or not, merchants probably care a great deal when they start loosing sales because of web browser incompatibility.
9/11 Eyewitnesses to Explosive WTC Demolition 1 of 2
As you point out, I have no way to profit from my post. So, what is the point of posting personal insults?
Convincing the mainstream Windows userbase to switch to Linux does not seem much more of a challenge to me than convincing them to adjust their security habits.
This doesn't apply to the scenario where Linux comes as a default OS on new hardware, but anyone who cares enough about security to switch from their current OS probably applies patches too.
That is only true as long as you stay on the upgrade treadmill. How much hardware or software is Windows98 compatible? SE? ME?
When Vista is out properly. how much new hardware will be Vista only? How much of your current hardware will not have Vista drivers?
So you need to buy new hardware and new software to be able to enjoy waltsing in to Walmart and pick up some hardware or software and know that it works. Even then, you will get *some* older stuff that won't work on your new OS so you can still get bitten. Why else do they ask you when you exit "have you checked it for compatability?"
but not necessarily hacked more. I get attacked by bots looking for cmd.exe. So, that is an attack. It's unsuccessful because I don't *have* cmd.exe. So it isn't hacked.
I hope you are being serious, as I've thought for a long time that that is a good idea.
Just like in the movies RoboCop and Demolition Man
A private police force is an unnecessary danger. As long as businesses are able to be corrupt, so can a privatized police force (more so than existing ones).
Monopolies are perfectly legal in the United States. The way you use your position as a monopoly is what's subject to restrictions. For instance, Microsoft pushing its "free" software bundled with the Windows OS (particularly IE) is what the DOJ and EU commission have been trying to nail Microsoft for years. They can be a monopoly, what they can't do is use their position as a monopoly to squash their competitors.
You need to explain that visiting an unknown site with javascript (or any scripting) turned on is one of the most dangerous thing you can do with a browser. It's an open invitation for sites to run their software on your machine. Yes, it's a hassle. But dealing with a computer that has been taken over by nasty stuff is a much bigger hassle, for you and for everyone else.
If it were possible to enforce laws on the Internet, one law should be that no software should ever execute downloaded code without explicit permission from the human in charge. Software that runs code from another site without very clearly asking permission should be grounds for a serious fine imposed on the software's vendor and/or author.
Too bad there's no way to enforce such a rule.
Those who do study history are doomed to stand helplessly by while everyone else repeats it.
Will you be recruiting your Sysadmins from the asylum?
Because if you didn't have to be crazy to be willing to deal with home users, you certainly would go crazy while doing it. ^^
- Most OEM installations of Windows will have administrator as the default user, not requiring any logon at startup. In most Linux distros, you are disuaded or even cannot do this (e.g. Ubuntu), instead you work as a non-root user and sudo to do admin tasks.
- Even with SP2 Windows XP enabled the infamous NetBIOS file and print services, just for one example. Nice summary of this and other "features" here
- A Windows user can readily execute an EXE or VB script etc, e.g. a dodgy email attachment or download from a shady website, simply by double-clicking it from Explorer. Depending on the level of access to resources (see 1) the system may be totally compromised. In Linux by contrast, executing anything beyond what can safely be installed through the software repository requires knowledge of setting file permissions (and often how to build and install from source).
- Similarly for ActiveX, given the user confirms they want to run it, the system is left totally open to abuse.
Small wonder all the spambots, key loggers, spyware and viruses out there in the real world live in Windows, right? Its not simply because of Windows' popularity, doesn't the Mac have 5-10% market share?If you can figure what makes people buy anything to start with, you could make even more money running a marketing agency, with the added benefit of not having to remove BonziBuddy umpteen times a week.
Indeed!
Actually, this is my point about diversity. I very nearly wrote almost what you wrote (as I run Gentoo also) as an example of diversity -- diverse configurations being similar to genetic diversity, but I was worried the anti-Linux/pro-Windows/pro-OSX/whatever trolls would mod me into the ground. ASLR works by randomising the program's memory space, which could be considered security through obscurity, though you could say that a password is security through obscurity, since it is secure based on the assumption that they don't know the password. Anyway, isn't Windows getting an ASLR technology in Vista or did I dream that?
Essentially though, I was saying the article was not describing security through obscurity, but rather just running a lesser used operating system as there is less script-kiddie interest.
"Windows has a lot of ports open compared to other machines mostly because it was designed to operate in a operate in an Active directory enviornment...and because RPC is overally relied upon"
Is it possible to design a directory service and still be secure. For instance where are all the in-the-wild exploits for Novell eDirectory.
"Yes you can get a virus delivered by email, but this is true of any OS where the user is running as root ( admin ( if the os even supports it ) ) and opens up an attachment
The typos are a nice touch. Opening an attachment in Linux or OS X is not the dangourious activity it is on Windows as open does not equate to execute. Even running as root, which you don't have to do, unlike Windows where running as non-admin makes the machine unusable.
"Nobody likes to mention that Windows file security is far more advanced then Linux's will be for quite sometime"
The reason 'nobody likes to mention' it is that it isn't even true. 'User Account Control' was know as SUDO on Linux long before it put in an appearance in Vista. The rest of the Vista 'security' features are not even needed under Linux.
"I won't be suprised to see a mac mode in Vista sometime soon. It wouldn't really be that hard for Windows to stick the file menu up on the top of the screen when a Window takes focus"
The Linux Mac lookalike desktop is called Xfce and has been out for years. What is it with this computer innovation begins and ends with Vista.
"The fact of the matter that no ones wants to talk about is MS is becoming fairly secure if installed with it's patches and stuck behind a firewall"
Who are these people who don't want to talk about MS becoming fairly secure and why would this be deemed worthy of mention.
"Imagie you installed Redhat 3.0 and then put yourself on the network. I'm sure someone out there could right a worm for Redhat 3.0 right?"
ROFL
"ActiveX has as well which was a stupid idea to compete with Java which was poorly executed"
It's Javas' fault that ActiveX is so insecure
"The NYT guy could say Mac OSx and Linux have less threats so switching to them is a solution, but getting yourself a firewall is the best. Go to Bestbuy and pay the whatever fee for the geek squad to come install it.
I don't know what he could have said only what he actually said:
And with dot.NET and it's JIT compiler and COM over HTML, a firewall isn't going to be of much use.
was: MS Should have put out Windows XP Second Edition (Score:5, Excuses)
davecb5620@gmail.com
Diskless workstations or partition restored from hidden image.
was: Deep Freeze (Score:5, Advert)
davecb5620@gmail.com
Yes, and in contrast to pink unicorns tailing your mouse pointer, you really miss AJAX when it's disabled.
How difficult can it be to allow for a DOM element to be the target of a link? In other words, AJAX without the J, as part of a future version of HTML. This would make it possible to switch off javascript without losing a lot of functionality, except for sites that are so javascript-centric that they break instead of degrading (read: sites that are already broken).
Plus, by standardizing the functionality of AJAX, it would become safer and browser-customizable - think of visual hints as a browser feature: when you click on an asynchronous link, first you see a spinner hovering over the link, then (when loaded) the new content pops out of it and expands into its target space. Or browsers implementing some kind of history, resuscitating the back button.
All serious scripting should be done on the server anyway. Never trust the client.
Microsoft Products:
for children 3 and under
Mmmmmm DIRT!
Regular users do need system administrators, but I think that Google and others understand this far better than MS to date. What's a web app with remote server-based storage but someone else handling your backups and data integrity and security? Look at Gmail, or the Google spreadsheet, or the Google calendar, or their aquisition of Writely. These types of applications take a lot of the risks of running your own PC out of the equation. Users don't need schmancy new features in a fucking word processor, they need a simple program with basic outlining, formatting, and spellchecking and they need security and data integrity. Office, so long as it is a standalone application running on Windows, gives you more features but relatively few additional document management, backup, or security enhancements, and probably introduces more than a few attack vectors, especially since email, a technology for selling penny stocks, is tightly coupled to the other applications. It is, in a word, insane.
As web apps become more rich, and comply with standards that ubiquitous, cross-platform browsers can deal with, the specialized, OS-dependent enterprise and desktop apps that keep Windows on the desktop are going to slowly die out, leaving Windows as a really nice gaming platform, and not much else. Here's a wild idea: perhaps the losses MS takes on the Xbox platform is in part because of concerns of precisely this sort.
The Office Live offerings and brining in Ray Ozzie I think has been a move to try to get into this emerging market, but I doubt that MS's bureaucratic momentum will really accomodate the possibility in time to beat Google and the many other challengers. I think the entire Vista and Office 2007 strategies show MS trying to have it both ways -- milking their traditional cash cows at the same time they dabble in actually addressing the issues presenting the common problems with information technology in the broader society.
Online citizen journalism from the inner city: The View From The Ground
That is not really security though obscurity. There is nothing obscure on you aproach.
It is in fact secury though diversity that, while not being tecnicaly secure, have strong economical effects. And it is why Linux will have few problems with viroses (that are highly dependent of scale) even if all computers on the net run it.
Rethinking email
>Been there, done that, found the solution, not going back.
Thought you were going to say, "Been there, done that, found the solution, bought a Mac."
B-)
A friend will come and bail you out of jail, a true friend will be sitting next to you saying, "damn that was fun!"