Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Talks Back To Google's Security Claims

Posted by samzenpus on from the smack-talking dept.

Kilrah_il writes "Yesterday there was a piece about Google ditching Windows for internal use because of security concerns. Now Microsoft is fighting back, claiming its products are the most secure — more than Google's and Apple's. 'When it comes to security, even hackers admit we're doing a better job making our products more secure than anyone else. And it's not just the hackers; third-party influentials and industry leaders like Cisco tell us regularly that our focus and investment continues to surpass others.'"

8 of 528 comments (clear)

  1. Cisco by abigor · · Score: 5, Interesting

    Well, I can tell you right now that a lot of Cisco's engineers use Macs, and server-side it's Linux. That said, I imagine Cisco management, marketing, etc. are mostly Windows-based.

  2. Uh huh by starfishsystems · · Score: 5, Interesting

    Right. That's why there's no longer any market for third-party virus checking on the Windows platform.

    And all those idiotic corporate restrictions on email attachments can go, too. That'll be a great relief, because right now I can't even attach a zipfile without Outlook complaining about it.

    And those flashes of screen content that appear when I reconnect to a locked Remote Terminal session, those are just in my imagination. No information exposure there, any more. Good, cause that was really stupid. Wait, I'd better check. Nope, still there.

    And those irritating and needless messages requesting permission after I've launched an Active Directory management window, those are gone too, right? Because now the system has finally caught up to the X Window System technology available back in 1993?

    Oh, no. Actually, I just checked, and it hasn't.

    Wow, Microsoft. I am impressed. You actually drank the kool-aid to prove that it was harmless. Except that it's not.

    --
    Parity: What to do when the weekend comes.
  3. Microsoft products are the most secure lawnmowers by davecb · · Score: 5, Interesting

    Poor chaps, they can only make a "c2" grade in the old orange-book (U.S.Department of Defense) grading by removing the networking, while a mainline Linux distro hits b1 (courtesy of the CIA).

    --dave

    --
    davecb@spamcop.net
  4. Re:Keep saying it and one day it might stick by dave562 · · Score: 3, Interesting

    You are right that the focus has changed. The infection vector has also changed. The old vectors don't work, or if they do the access to them has been mitigated on the client by the software firewall, and on the network permimeter by hardware firewalls. The operating system has been hardened to the point that most of the exploits are targetting applications. That is an improvement. Once they figure out how to properly sandbox the applications, the entire system will become more stable. Whether or not Microsoft is really up to the task is debatable.

  5. Absolute vs. Relative. by GNUALMAFUERTE · · Score: 4, Interesting

    When we speak about GNU/Linux functionality, nobody takes relative values into account. They only take into account the absolute final result. Example, nobody takes into account the great hardware compatibility considering 99% of all drivers were written by the community after reverse engineering the hardware and/or other OSes privative drivers. People (including microsoft) only mention that GNU/Linux doesn't support all features of X hardware, and windows does, and therefore it's better.
    Same thing for apps, marketshare, etc. They only say "More people have windows, it supports more apps, whatever, period. ".

    So, why should we take into account relative values when talking about windows?

    I don't care if they are trying hard, or if they have more marketshare, or about any other factor. The ONLY operating system that requires antivirus, antispyware, and other crap is windows. It is also the only operating system that is consistently, publicly and massively cracked around the world all the time. There are several botnets around the net that are the source of most spam, and this botnets consist of windows machines only.

    So, in absolute terms, the most secure OS is OpenBSD. The most insecure is Windows.

    --
    WTF am I doing replying to an AC at 5 A.M on a Friday night?
  6. Re:Some Helpful Advise by man_of_mr_e · · Score: 4, Interesting

    Linux and FreeBSD boxes get hacked all the time. One can claim it's because people use weak passwords or use the same password on their box as they do on every site on the internet, and there are probably a lot of those boxes that compromised that way, but a lot are also do flaws in software installed on Linux boxes. Spend some time going through sites like Zone-H and you'll see that Linux sites get successfully attaced as much, if not more so than Windows servers (the numbers change from day to day).

    You're living in a dream world if you think Linux security is any better or worse than anyone elses. Most Linux boxes have 1000x more software installed on them, and each software package is a potential security flaw waiting to happen. Most of those can only compromise the account it runs on, but attackers are getting smart and creating blended attackes that include multiple vulnerabilities, including local root vulnerabilites that get executed via a user-level remote attack.

    But really, the only people who attack Linux boxes are those looking to either brag, or those looking for fat pipe DDoS zombies. Malware authors, who target stupid users who will pay $50 to the fake virus writers are going to target the vast majority of systems.. ie windows.

    --
    If you need web hosting, you could do worse than here
  7. Re:Some Helpful Advise by Anonymous Coward · · Score: 3, Interesting

    Now we are comparing UNIX boxes that run financial institutions to Windows XP boxes run by 14 year old girls who's primary concern in life is weather or not facebook.com loads?

    Hilarious.

    UNIX systems in Banking institutions are run by competent people and sit on network secured by competent people. It's much easier and less risky to take control of 100,000 Windows machines run by people with zero knowledge of security and next to zero chance of figuring out they are infected than infiltrate a corporate network owned by a bank and run by a professional. Some bank machine getting hacked is going to attract a ton of of law enforcement attention whereas 100,000 Windows boxes being owned is going to attract nothing.

  8. Re:Some Helpful Advise by dAzED1 · · Score: 3, Interesting

    the point is that the value isn't by building a bigger botnet, it's by getting prime targets. If it takes you 10,000 times more effort to get on the large banking system than it does to break on to a windows7 box someone uses at home...so what, it's likely going to be that much more valuable. Even with massive, massive numbers of compromised systems, botnets aren't a money-making venture. Getting that random keylogger to get access to someone's bank account is FAR, FAR more difficult than shooting a spam email to 100,000 people just asking them for the info - you'll get it from a few of them. No need to actually break on to a box for that sort of thing, you just break the person. The OS is thus irrelevant.

    Linux isn't less of a target, it's *more* of one. There is less success hacking it not because people don't want to hack it, but instead...wait for it...because it's more secure. I could go over the reasons why in detail, but if you haven't figured it out for yourself after all these years, then...hey, fanboi away.