Slashdot Mirror

← Back to Stories (view on slashdot.org)

NYT Security Tip - Choose Non-Microsoft Products

Posted by Zonk on from the wise-people-over-there dept.

Giorgio Maone writes "The New York Times article 'Tips for Protecting the Home Computer' follows a story we recently discussed about the proliferation of botnets, and contains some statements which may sound quite unusual from mainstream press, especially if targeted to home users: 'Using a non-Windows-based PC may be one defense against these programs, known as malware ... Alternative browsers, like Firefox and Opera, may insulate users ... NoScript, a plug-in utility, can limit the ability of remote programs to run potentially damaging programs on your PC'."

6 of 298 comments (clear)

  1. Noscript is one of the best reasons to run Firefox by Beryllium+Sphere(tm) · · Score: 4, Informative

    The only usable way to control Javascript is site by site, and turning it off by default slashes a whole army of exploits out of your life. Every browser should have this functionality built in.

  2. Re:Think about it by WilliamSChips · · Score: 4, Informative

    In addition, in server space the numbers are much more even, and Apache/Unix servers outnumber Windows/IIS servers. Yet all the server malware is for Windows NT-based servers and not Apache/Unix based servers.

    --
    Please, for the good of Humanity, vote Obama.
  3. Re:Noscript is one of the best reasons to run Fire by El+Cubano · · Score: 4, Informative

    The only usable way to control Javascript is site by site, and turning it off by default slashes a whole army of exploits out of your life. Every browser should have this functionality built in.

    Amen to that. I use noscript and I have lost count of how many sites fail completely or outright refuse to load if JS is disabled. The number of sites which degrade gracefully is sadly quite small. If every browser had this, maybe web developers would finally get it through their thick skulls that JavaScript is best utilized to enhance the user's experience. Obviously, there are some exceptions, like AJAX applications and the like. It bugs me so much that I have never developed a site that did not degrade gracefully in the absence of JS. In fact, the only way the user would notice something was different was if they had first seen the site with JS and then later without or vice versa. Some of the worst offenders are the "major" tech companies. Try logging into Yahoo webmail with JS turned off to see what I mean.

  4. Nothing's more Fragnmented than M$ GUI. by twitter · · Score: 4, Informative

    I think your argument of "It's so simple a 5 year old can do it" is flawed for one big reason: The five year old isn't used to using IE.

    You must have missed this article

    , complete with screen shots about how inconsistent the M$ GUI has become. Just look at this screenshot. I thought the differences between KDE, Gnome and other toolkits was bad but that's way off, M$ has no excuse for the fundamental differences seen in their own tools. Why would you ever throw a new user into that mess? The worst part is how frequently they change the interface, No one else does it more.

    I'll conclude with

    with Microsoft applications, there's a feeling that, by and large, the only UI guidelines that Windows applications adhere to is "what we feel like." (I know Microsoft has a lot of UI guideline information, but since no one seems to follow any of it, I'm not sure what the point of it is.)
    --

    Friends don't help friends install M$ junk.

  5. Re:ah yes... by MoxFulder · · Score: 5, Informative
    The product is only as secure as its users. If the mainstream Windows userbase switched to Linux, they'd take their bad habits (neglecting security hole patches, installing supposedly-required software to view web pages, logging in as root by default, etc.) with them. Linux would be the new hot target for malware. The same goes for OSX or any other operating system. Sure, there would be fewer holes, assuming that people made sure to apply the appropriate security patches, but we're assuming again that they wouldn't take their bad habits with them again, aren't we?

    I disagree completely.

    Windows makes it easy to practice these bad habits... default Administrator login, programs that don't work correctly when run without Admin access, ActiveX, etc. Contrast this with, say, Ubuntu... an excellent Linux distro even for newbies: by default the root account is disabled, when you want to do something system-alterating (e.g. temporarily gain root access), you have to put in your PASSWORD, not just click "Okay". The whole thing is so well-integrated that these password prompts aren't annoying or confusing. The system in general tries to explain to you what you're doing when it's something unusual.

    Furthermore, most Linux distros are based on a central software repository which is supported, or at least approved, by the distro's developers. When you install open-source software from this repository, you can have confidence that you're not going to get spyware... and if you're running the stable distribution you can be pretty sure that you're installing software that has been thoroughly debugged as well--as opposed to some IE toolbar crap rushed out the door after a week's dev time.

    I also think that Firefox 2.0 is far superior to IE 6 (haven't used 7 yet) in terms of alerting the user to potentially dangerous actions. When you install extensions, Firefox adds a 5-second time delay before you can click on "OK" to force you to actually read those stupid pop-up boxes. It detects suspicious obfuscated URLs, won't run downloaded executables without additional intervention, and checks HTTPS sites that improperly mix secure and non-secure content.

    So I *do* think that PC security would improve substantially if the Windows userbase switched en masse to Linux. Granted, there'd be some of the problems with people doing stupid things and not reading warnings, but I don't think it'd just be same-old-same-old...
    --
    My bicyles
  6. Ultimate Firefox Add-Ons for Privacy/Security by Dark+Coder · · Score: 4, Informative
    As someone who actually AM worried about impending javascript exploits carrying trojans, I have within my Firefox the following Add-Ons (which comes pretty close to perfect security), but still requires a modicum of user awareness during web surfing.... The following Add-Ons are good for Windows, Linux and supposedly MAC OSX.
    1. CookieSafe
    2. Adblock Plus
    3. Flashblock
    4. httpOnly
    5. SafeHistory
    6. SafeCache
    7. IDND
    8. Link Alert
    9. BlockSite
    10. Master Password Timeout
    11. no-referrer0
    12. NoScript
    Other useful support Add-Ons are:
    1. SwitchProxy Tool
    2. User Agent Switcher
    3. Adblock Filterset.G Updater
    For Linux users, I also have this useful add-on:
    1. MediaPlayerConnectivity