Slashdot Mirror
NYT Security Tip - Choose Non-Microsoft Products
Giorgio Maone writes "The New York Times article 'Tips for Protecting the Home Computer' follows a story we recently discussed about the proliferation of botnets, and contains some statements which may sound quite unusual from mainstream press, especially if targeted to home users: 'Using a non-Windows-based PC may be one defense against these programs, known as malware ... Alternative browsers, like Firefox and Opera, may insulate users ... NoScript, a plug-in utility, can limit the ability of remote programs to run potentially damaging programs on your PC'."
I must admit that initially I was a bit humored by the idea that a New York Times author had a right to caution me about computer usage. But when I looked up his credentials, he seems to be a qualified and experienced tech writer who probably has good advice for the general public. Granted, his last recommendation: "Don't click if someone offers you something too good to be true. It is." worries me that people may be wary of certain open source projects but in the end, I'd agree that I'd tell my sister and friends just not to install anything and to ask me for specific links to programs that solve problems or fill needs.
In the end, it's a very short article and doesn't provide a very comprehensive picture of security for a home user. You may think its news that Mr. Markoff decided to push people away from Microsoft but he's only telling you the facts about the numbers. You won't have as many problems with Linux but there's no way your daughter's iPod will work with iTunes Music Store on your computer anymore. If he wanted to make this a notable article, he should have delved into trade offs and better coverage of issues.
So Markoff doesn't like the benefits of running Microsoft software. So what?
My work here is dung.
There's only been 9 comments on this story at the time of this writing, and yet the following tags are already up: "flamebait, nytfud, troll". These guys work fast, don't they? What's flamebait, trolling, or FUD about this article? Avoiding Microsoft products is a perfectly prudent move, if you can. Is it untrue to say that Mac and Linux users are safer on the internet than Windows users, or that Opera or Firefox users are safer on the internet than Internet Explorer users? Far from it. It's demonstrable fact.
Viper is the preferred editor of the Emacs operating system.
Sure, everything is exploitable, but some things are a lot harder to exploit than others, and both linux and OSX are poster children for this. To imply that OSX is, or ever will be, as vulnerable to hacks as Windows is puts you well into the "disingenuous" category, I'm afraid.
Microsoft would love everyone to think that OSX is just as vulnerable as Windows is, but the fact is, it isn't. It's a lot better organized operating system code-wise, and patches come swiftly and surely from Apple whenever anyone finds anything. Which is quite a contrast to Microsoft's approach, even if they do have a harder time patching Windows.
I've fallen off your lawn, and I can't get up.
Our school installed Deep Freeze and all the virus/malware problems just went away. Basically, users can't install programs. If they try, the programs go away when the computer is rebooted. All the computers reboot themselves at midnight. So, a virus might last a few hours but it's gone the next day. A couple of years ago the network was down for a few days while the IT guys eradicated a virus. Since Deep Freeze there have been no such problems. I'm surprised that more people don't use it.
..the main stream is finally (slowly) catching on to the reality of choices?Consumers are relatively stupid that way, but I think it's true that consumers in general are creating a change in the wind. Ever notice how all the consumers demand "choices" in the market, yet whenever there are multiple competitors, consumers do their best to kill off all except one and accidentally create stagnating monopolies? (see 8-track/Cassette, VHS/Beta, PC/Mac etc). Very few people will embrace more than one technology (obviously) but everyone tries to convince everyone they know to also choose the same thing they've chosen. Funny, though.
Most of the stuff on
The reason Firefox is more secure is because when an exploit is found it's fixed, with IE it takes a long time. Last year Firefox was vulnerable to exploits for 9 days while "Internet Explorer Unsafe for 284 Days in 2006." They also have a nice chart showing this: http://www.washingtonpost.com/wp-srv/technology/da ily/graphics/index20070104.html
>>This isn't security through obscurity. Security through obscurity would be saying "I'm safe because I run Windows and it's closed source". This is the claim that uncommon software is more secure because there are less exploits. While untrue mathematically, the reality is that you are still currently less likely to be exploited when running Mac OS X or Linux since script kiddies don't really care about you so much (for the same reason game developers don't, incidentally).
I don't agree: I run Gentoo; since every app I run is compiled from source for the processor architecture I am running, some classes of exploits cannot target me because even if they knew which version of a given app I am running, they can't know precisely the layout of the binary because of the personalized compilation flags I use.
It doesn't rule out exploits, but it does make it a bit harder on them.
With Windows, most of the code you have running is the exact same binary for every x86 machine.
I guess that that is a situation where LINUX is making use of "security through obscurity" and Windows is incapable of doing the same.
Ironic, isn't it?
I don't know the meaning of the word 'don't' - J
...when you consider that Linux is compromised more often than any Windows based OS. http://www.zdnet.com.au/news/software/soa/Linux_ha cked_more_often_than_Windows/0,130061733,139116229 ,00.htm
Windows really should have put out a new build of XP before releasing Vista. Just SP2 with a new installer that mimics Windows server 2003. If you've ever installed Windows Server 2003 it can be quite secure. It turns off all inbound connections until you can install patches. It turns off IE so you can't surf anything without explicity telling it you are ready to. Server 2003 was going down the right path, I'm not sure why they never ported some of these basics to a new XP back in 2004. I guess it's too late now.
The last big Windows worm was quite a while ago. They are still alive thanks to the unaware. Windows has a lot of ports open compared to other machines mostly because it was designed to operate in a operate in an Active directory enviornment...and because RPC is overally relied upon. Yes you can get a virus delivered by email, but this is true of any OS where the user is running as root ( admin ( if the os even supports it ) ) and opens up an attachment. Windows users are bombared with viruses that Mac users get and can safely ignore...heck if you tried to run the exe it would just fail. Mail virsuses are getting less and less as well as email providers and spam firewalls are blocking them. A properly written virus ran on Linux or Mac OSx can get thru the protection. Linux and Mac OSx have had plenty of exploits to get a file install things.
While other OSes interact with each other, they don't quite do it with the built in way MS does. This is good for the end user and bad for security. SMB setup has gotten a heck of lot easier on Linux in the last few years, but compared to Windows it'll never be quite as easy. There are products out there like Groupware, but Active Directory is by far the simplest and most useful for setting up a small to massive network. Thousands of companies use it every day to share files and get work done. Install a printer from the active directory isn't super easy, but I ca'tn see a Linux product comparing.
Mac interaction with AD isn't that bad. I wish it had an Active Directory client from the get go, but my Mac users can print, share files, and a few other things okay. Nobody likes to mention that Windows file security is far more advanced then Linux's will be for quite sometime. The ability to permission a file to individual users at varying levels is absolutely crucial. It is a pain for my Mac users to have to remember their NT passwords and visit a NT machine to reset it every once in a while, but it is good enough so they can run Photoshop...with the Mac keyboard.
I won't be suprised to see a mac mode in Vista sometime soon. It wouldn't really be that hard for Windows to stick the file menu up on the top of the screen when a Window takes focus.
The fact of the matter that no ones wants to talk about is MS is becoming fairly secure if installed with it's patches and stuck behind a firewall. This is true of practically all OSes. The big problem MS has it that it doesn't update it's install disks and most of it's vendors don't update their freaking images. If I get a new Dell I would expect not to have to install a single patch that was over two months old, but alas they don't do that for you. Imagie you installed Redhat 3.0 and then put yourself on the network. I'm sure someone out there could right a worm for Redhat 3.0 right? There isn't one port in the default install with a buffer overflow issue? It be an interesting expierement to write worms for older versions of OSs and see how they take. My guess is that there are more Windows 98 boxes running today then RedHat 3.0 boxes ever ran.
The point is OSx or Linux get the marketshare that Windows has you'll see 1000's of older versions of the OS. As it sicks MAC users generally upgrade fast, and Linux users are practically religous about it outside of the server scope. And on the server side it is likely the machines are protected via firewalls.
The browser hole is getting plugged as we speak. Firefox, Opera, and IE are all plugging away. The big issues is that HTML and Javascript t
Don't you recognize his reasoning? It's not based on facts, it's based on the theory that both programs have bugs, therefore they must be just about as secure as the other.
:]
Never mind the recent story that Firefox was vulnerable to a critical (one where "visit bad web page" == pwn3d), unpatched, published exploit for all of 9 days last year (IE was vulnerable for 9 months). This is called a "vulnerability window" and is an important part of any security assessment attempting to measure how secure bits of software are without having to rely on vendor claims. Obviously, that's too quantifiable for use with such a reasoning process. Then we have to reason about all the exploits that aren't public, as if people can silently exploit computers en masse with private exploits and no one will notice. Sure, if they're not interested in a botnet of random computers, they'll stick to targeting specific people and keep their exploits quiet, but that doesn't really impact the security of the population in general. It's also funny that people have this perception sometimes that they only visit "safe" sites. Even assuming they're not one of the porn viewing public, and that they never install smilies or screen savers (great way to get infected) or other such crap, that ignores that we've seen major advertising networks get compromised and serve up exploits. Not to mention the shady ad networks that do that deliberately...
Ironically, when it comes to open vs. closed source, it's usually argued that open source helps make the vulnerabilities more public, so that puts things even more in Firefox's favor. So to argue that IE is even as secure as Firefox requires you to use ridiculous metrics touted only by PR departments in media releases.
So yes, it's true--Firefox does have bugs. There were even 9 days last year when you could've been 0wn3d by an unpatched exploit (assuming you haven't learned to use the noscript extension). But there's no way to hide the sheer magnitude of the difference: 9 days vs. 9 months. Yeah, they can improve. Maybe they'll even manage to do things a lot better. And maybe you can find a few things to quibble with in that story. But the fact is that Microsoft has a terrible security record. Period. No one else is perfect, sure, but let's call a spade a spade here instead of being distracted by a dirty hoe
I've seen a lot of comments sugest the WIndows is easier to target because it has a larger marketshare.
This is a BS argument. Here is one example of a program with larger marketshare but fewer cracks, both attempts and percentage successes:
Apache
IIS
Just because it's a bigger target doesn't mean it's a better target. Windows is a good target because it's big AND because it has a shit-ton of security flaws. You need to be a security expert to properly safeguard Windows, and most people don't have enough security expertise.
Weylin
67.5% Slashdot Pure I guess I need to work on that....
The IBM PC-Compatible of the 80's got the job done quickly and cheaply when the Mac was the high-priced spread.
Windows 95 swept in on the perfect storm. It ran on entry-level hardware. It arrived at a time when services like AOL were driving towards mass-market acceptance.
The Mac is typically available only in a half dozen or so standard configurations while the Windows PC can be customized endlessly for every environment from the auto body shop to your kid's basement playroom.
The Mac holds the same niche markets it claimed in 1984, both sustained and burdened by its identification with an upscale urban lifestyle.
Windows remains solidly middle class. The gamer's PC. The office workhorse.
Whenever I'm unable to purchase something from a web store because their website requires Javascript, I always make it a point to send the sales department or webmaster for that company an email explaining that I was unable to purchase from their website because of the Javascript requirement and/or because their web site is incompatible with my FireFox web browser. I hope everyone else also does this, because although news websites probably don't really care much whether you visit their site or not, merchants probably care a great deal when they start loosing sales because of web browser incompatibility.
9/11 Eyewitnesses to Explosive WTC Demolition 1 of 2