Slashdot Mirror

← Back to Stories (view on slashdot.org)

Security Isn't Just Avoiding Microsoft

Posted by CmdrTaco on from the foil-hats-also-required dept.

Jay Singala noted a story which points out "It's time for all the people who have entertained this fantasy to stop deluding themselves. How would life without Microsoft be different? It wouldn't be in any meaningful way for those in charge of network security; there would just be a different vendor peddling the dominant operating system."

12 of 295 comments (clear)

  1. Philosophy by youthoftoday · · Score: 3, Interesting

    This smells of the anthropic principle...

    --
    -1 not first post
  2. MS too large by Turn-X+Alphonse · · Score: 2, Interesting

    MS's problem is they haven't had a real rival in years. They are so used to being the top dog they forget how to fight. It's the same way guys who work up from the bottom suddenly develope amnesia of exactly how difficult it was to get there until using "I came from the streets!" is going to help them in politics of some sort.

    Things would be no better with any company having Microsofts history, but that doesn't mean MS was set on it's current course through fate or whatever else you wish to call it.

    --
    I like muppets.
  3. Seriously, editors... ENOUGH ALREADY by freeweed · · Score: 5, Interesting

    This is the 3rd or 4th story in as many days that positively SCREAMS troll.

    1. Find a common belief of Slashdot
    2. Whine and bitch about "Slashdot bias" while not even understanding the point
    3. When you don't get modded high enough for your complaining, find some blog that agrees with you
    4. Get story linked to on Slasdot
    4a. In this case, not even a link
    5. Page Hits

    Editors, I know you love to drive ad revenue by putting up these blatant trolls (OMG How Can I Love Open Source Without Copyright? If I Don't Like The RIAA I MUST Hate RMS!!!!!One!), but the joke's on you - most of us who respond to these out of annoyance run adblock.

    Can we try for some actual stories now?

    --
    Endless arguments over trivial contradictions in books written by ignorant savages to explain thunder in the dark.
  4. The problem is one of balance by PFI_Optix · · Score: 1, Interesting

    Microsoft is insecure because they try to juggle security, performance, and being idiot-friendly. Windows is largely the dominant OS because people found it easier to use and more available than the alternatives in the mid-90s when the computing boom took place.

    Now, MS is having to balance coddling those users who don't know jack about their OS and keeping the OS secure. Added security generally means more steps (or the same number of more complicated steps) to accomplish the same task.

    I would contend that it was Windows' lack of security that made PCs accessible to the masses in the first place, in that during the 90s Windows was the *only* operating system for the "I just want it to work" crowd. Unless you want to argue that OS 7/8/9 was equally functional...in which case I'd argue that you haven't had to deal with it enough and didn't live in an area where Mac software simply wasn't sold in the days prior to commonplace broadband.

    --
    120 characters for a sig? That's bloody useless.
  5. Re:Not exactly by McDutchie · · Score: 2, Interesting

    Your kidding me! Do you have a link where I can read up on that?
    A Report on the Internet Worm (November 7, 1988). Enjoy.
  6. But... by PhotoGuy · · Score: 2, Interesting

    "Security isn't just avoiding Microsoft..."

    Sometimes a double negative can sum it up best: "but it isn't *not* avoiding Microsoft..."

    --
    Love many, trust a few, do harm to none.
  7. Re:Not exactly by niiler · · Score: 3, Interesting

    You must be talking about Linspire or whatever they call it these days. Most Linuxes I've run out of the box are quite a bit more secure than their Windows counterparts. I just ran nmap on my local network. The result was that all computers running Windows XP were identified along with their open ports and services whereas none of the linux boxes (with default firewalls configured on install) showed much at all. Nmap guessed that they were running Linux or Unix, but that was it.

    Nobody is claiming that any OS is perfectly secure. But I seriously question your statement about newbies running *nix being more insecure compared to their Windows counterparts as most modern distros seem to have firewalls enabled and extraneous services shut off by default.

  8. Another Lost Opportunity by EgoWumpus · · Score: 3, Interesting

    The argument has been out for a very long time now; "Any OS with this much market share would be subject to an equal number of attacks and breaches." But it's a weak argument; many point this out. The reason I'll pitch to the forefront is this: we have no evidence that it's true, and until another operating system has 80% market share for two decades, we simply won't have a baseline to compare.

    What I find lamentable is that this article takes what might have otherwise been a good opportunity to echo a tired suggestion. Rather than denying it is impossible for anyone to do as well as Microsoft has, perhaps it would be important to drill down to some real reasons why MS has had so many issues, and why another OS - regardless of the technical features - might have similar difficulty. The number one reason I can come up with - off the top of my head - is feature management. 80% of the market is large. Huge. Gargantuan. There are many users with many wants, but they all want certain common ground across which all of them can function. They are asking a central authority - Microsoft - to provide that. Unix simply has not had that sort of crushing demand put on them, and I find that a more compelling argument than one whose support is based on a hypothetical. Microsoft has tried and not always succeeded to meet that demand while providing the features requested securely. Nothing is perfect - but they challenge anyone to do it better.

    If Microsoft has faith in their product, they'll have faith that people will try, and fail, to do it better. If they don't, they'll reduce themselves to distractions and hand-waving - and the people making their money off of MS will throw any argument out there that will draw the least bit of attention away from their lack of confidence.

    --

    [Ego]out

  9. Re:Not exactly by smittyoneeach · · Score: 2, Interesting

    Unix and Linux consistently met or exceeded the appropriate level of security at the time.
    Still more important than this is the concept that most *nix flavors are continuously developed by a horde of people in plane sight. This Conway's Game of Life approach shakes out more bugs (hopefully at a higher frequency than they are inserted). This results in better code in the long run. Look at the recent scheduler activity on the LKML for example.
    OTOH, you've got the Temples of Syrinx approach that says the priests will give you a binary doing what you need, when you need it.
    Maybe.
    --
    Get thee glass eyes, and, like a scurvy politician, seem to see things thou dost not.--King Lear
  10. Re:IIS 5.0 not a web server .. ? by legirons · · Score: 2, Interesting

    IIS 5.0 buffer overflow exploited systems which were never intended to be web servers'

    Ah, well there's your security problem... an operating system which runs webservers without its users' knowledge.

  11. Let us test that theory.. by BlueParrot · · Score: 2, Interesting

    Take 20 boxes and then let a bunch of hacker lose on them. Pay them $money for every box they manage to crack. Make 10 of the boxes run fully patched Windows and 10 run the stable branch of OpenBSD and stick complete computer novices behind them. In fact, make the OpenBSD boxes run the OpenBSD project's apache version, OpenSSH server, give the hackers an account on it and have every daemon listen to every port and enable X11 forwarding through SSH. The windows machines can run a fully patched Vista with all the ports under a firewall. I bet most people would still prefer trying to compromise a Windows box. Seriously, don't come and tell me there wouldn't be fewer security problems if windows went away. Vista's security model is based on the "how do we design this so we can blame the user" while the open source distros are based on "lets be open about vulnerabilities so we can fix them asap". Heck, even if the open source ones were as vulnerable as windows I would still prefer them because at least then you can be relatively certain they will be open about it. With Microsoft you are more likely to get told of for being a user when they break something.

  12. Re:Not exactly by Master+of+Transhuman · · Score: 2, Interesting


    While it is true that the original viruses developed by Dr. Fred Cohen were developed and tested - easily - on UNIX systems, it is also true that UNIX sys admins learned (most of them, anyway.)

    In recent years - say, the last ten or 15 - UNIX has definitely been more secure than any version of Windows.

    A comparative analysis of the methods UNIX uses to defend itself - such as SELinux and App Armor - vs the nonsense Microsoft has added to Vista, for example, the stupid UAC, pretty much demonstrates where significant security lies.

    --
    Richard Steven Hack - This sig is TOO GODDAMN SHORT TO DO ANYTHING USEFUL WITH! MORONS!