Slashdot Mirror
Flawed Survey Suggests XP More Secure Than Vista
SkeeLo writes "One of Vista's big selling points is security, but a report from CRN concludes that Vista offers little in the way of security advancements over Windows XP. Ars Technica analyzed the report and found some methodological problems. 'The report faults Vista for "providing no improvement in virus protection vs. XP," but of course Windows Vista does not ship with antivirus software — something the reviewer fails to mention. Faulting an AV-less Vista for not stopping viruses is a bit like faulting a door without a lock for opening when the handle is twisted.' That's not all: 'It was also disappointing to see CRN completely ignore the issue of buffer overflows, which has been addressed well in Vista by most accounts. This was a major weak spot with XP, and so far, Vista looks strong in this area, strong enough that Vista may never get its own "SQL Slammer." Why CRN didn't address this is a mystery, as it is no minor matter.'"
Maybe I missed it when I RTFA, but it didnt mention which version of XP was used... a look at HPs site shows that the HP Compaq nc6400 did ship with XP Pro (whether that matters much compared to home edition or not)
Also... were these systems ran all the way default, as in, boots up as Administrator with no password? (again, not sure how much that matters in a test like this)
I do agree with the title, flawed survey indeed.
I dont blame Vista or XP so much as I blame IE version X.XX
Id like to see the exact same suite of tests ran against the latest version of Opera, Netscape and Firefox.
The virus scene is dead. No-one is writing viruses.
There are people who write worms and bot-net building trojans, but they have nothing to do with the virus scene.
How we know is more important than what we know.
Faulting an AV-less Vista for not stopping viruses is a bit like faulting a door without a lock for opening when the handle is twisted.
I think the point is that M$ should have learned their lesson last time, and the time before that, and made vista such that having anti-virus software would be unnecessary. Or in the terms of the analogy, Having forgotten to put a lock on the door of their previous house and repeatedly come home to find their underwear scattered all over the yard, you would have thought they would have made a secure door this time.
The difference between Canada and the USA is that in Canada healthcare is a right and gun ownership is a privilege.
The important thing to remember here is that Microsoft had five(5) years to make the base OS more secure [ without an AV installed ] which might make it "similar" to Mac OSX or to any distribution of Linux. In other words, without an AV installed Vista is showing *worse* than XP, and way worse than any *nix installation--- which after the much touted newer better more improved security rich Vista--- is very disappointing. Yes, folks are taking shots at microsoft--- some of which is not fair. But common folks, after five(5) years and millions and millions of bucks they sure could have done better than this-- really. Its not Microsoft bashing--- its true and its fair.
Ichthus
'The report faults Vista for "providing no improvement in virus protection vs. XP," but of course Windows Vista does not ship with antivirus software -- something the reviewer fails to mention. Faulting an AV-less Vista for not stopping viruses is a bit like faulting a door without a lock for opening when the handle is twisted.'
Vista is supposed to have these features built-in, as well as a host of other improvements. Such as service hardening, anti-malware (which does claim to kill viruses), network access and more.
Why, you can read the whole list right here.
So I wouldn't say it's like a door without a lock on it. If Vista is flawed, it would be like saying it's a door with a crappy lock on it. Big difference.
Weaselmancer
rediculous.
My comment was based on my experience earlier this week on Monday, only the second time I've been close enough to be able to identify a Vista install, and the very first time I'd used it. It had just been installed (as well as Office 2007) by one of my colleagues on a brand new HP laptop. No, didn't get asked to Allow or Cancel anything, but what I did experience didn't surprise me in the least.
From the instant I hit Ctrl-Alt-Delete (and this is after waiting for the machine to finish choking itself) it was the same familiar Windows experience - watching the HDD LED as if it's going to give some sort of indication as to when it might be safe to go on to the next step as the machine crawls through the login procedure - totally unresponsive for the majority of the time.
People bag Windows about insecurity, DRM and UAC all the time - they're not the things I have problems with. I play the game, keep machines patched, AV installed if the shareholders demand it, and so on. My only real gripe with Windows it simply that I habitually find small sub-tasks to do like clip my fingernails or organise desk-drawers while waiting for countless delays my Windows box gives me. Screwed if I'm going to spend a month of my life waiting for start menus to render.
Where with a different OS, I'd start the kettle boiling and check my email while that's going on, in Windows I launch outlook and then go and see to the kettle, because I know which will make me wait longer.
Show me the OS that can protect itself against a user with administrative privileges installing bad software. Unless you can do that, it really is disingenuous to demand that Windows should be able to do it.
Linux (with selinux enabled) can be configured to do that.
You miss the point though. A *user* with administrative privilege. That's the problem with Windows. The only person with admin rights should be the admin. Hopefully someone with enough clue to know what they're installing.
Oh and you need to fire your solaris admin. You don't *need* root to install any app in Unix. You can choose to install systemwide that often needs it (unless you've setup a nonprivileged account for the task).. but how many apps truly need that?