Slashdot Mirror


Microsoft Talks Back To Google's Security Claims

Kilrah_il writes "Yesterday there was a piece about Google ditching Windows for internal use because of security concerns. Now Microsoft is fighting back, claiming its products are the most secure — more than Google's and Apple's. 'When it comes to security, even hackers admit we're doing a better job making our products more secure than anyone else. And it's not just the hackers; third-party influentials and industry leaders like Cisco tell us regularly that our focus and investment continues to surpass others.'"

  1. Some Helpful Advise by eldavojohn · · Score: 5, Insightful

    When it comes to security, even hackers admit we're doing a better job making our products more secure than anyone else.

    Hint: Your worst nightmares do not have open jovial dialogues with you. And if they did communicate with you or offer you a score card or report, they would want you to feel as though you are completely safe -- totally unaware and unprepared for what you may face.

    You've come a long way, Microsoft, but you have much much further to go. If you measure security by percentage increase in security then the evolution from Windows 95 to Windows 7 is nigh impassable. But that in no way means you're number one in the security scores. Run your marketing campaign with setting the "facts" straight but people like me know. With what little (journalistic) evidence you presented, there's no way I can build a conclusion that backs up your statement. And there's no way around that. It would better prepare you to look into the several thousand anecdotes found daily revealing the issues with Windows and Internet Explorer.

    --
    My work here is dung.
    1. Re:Some Helpful Advise by onionman · · Score: 4, Funny

      Microsoft's products are completely secure!! Completely! You don't even need to bother with any more security "research". In fact, I've even seen Bruce Schneier running Windows on his laptop, so it's completely safe!!

    2. Re:Some Helpful Advise by DavidR1991 · · Score: 2, Insightful

      I love the weasel words that come out in these kinds of discussions. "Most" - what is "most"? One competitor? (Maybe, Apple?). Because it certainly does not include (on an OS level) Linux, BSDs etc. Heck I'd be surprised if you could say definitively that MS trumps Google (I certainly don't think that's the case)

    3. Re:Some Helpful Advise by Omega+Hacker · · Score: 2, Insightful

      Even more interesting is that the "hacker" is comparing Microsoft to Adobe and Apple. Adobe is an *applications* vendor, which has no bearing on the OS security discussion. Apple has engineered a far more secure product from the ground up, being based roughly on OpenBSD et al, thus they have far fewer security holes in the first place. Not to mention he's talking about their internal processes, and not the results or the need for the process in the first place.

      --
      GStreamer - The only way to stream!
    4. Re:Some Helpful Advise by jbeach · · Score: 2, Insightful

      I personally would doubt they're even more secure than Apple. I can't recall the last time Macs around the world were taken out by some virus. Ditto for botnet infections.

      --
      The Invisible Hand of the Free Market is what punches workers in the nuts.
    5. Re:Some Helpful Advise by Anonymous Coward · · Score: 3, Funny

      I have owned several Microsoft mice and not one has ever been compromised!

    6. Re:Some Helpful Advise by h4rr4r · · Score: 4, Insightful

      Server rooms around the world disagree. As do smartphones, netbooks and all manner of embedded devices.

    7. Re:Some Helpful Advise by micheas · · Score: 5, Informative

      I seem to remember the person that won the Pwn2Own contest stating that there are several security enhancements with regards to the memory stack that are not present in OSX but are in FreeBSD, Linux, and Vista.

      But this may be things like the windows login being provably secure, but the firewire driver allowing you to end run the login screen.

      Windows has security features that on paper make it look like it could be a very secure system, the problem is that once you have locked it down to use all the security features, you probably have to write your own applications, as most off the shelf windows software does not run in that type of environment.

    8. Re:Some Helpful Advise by Gr8Apes · · Score: 2, Insightful

      Windows in the hands of a knowledgeable admin is just as secure as Linux or OSX in the hands of an equally knowledgeable admin.

      Untrue. Even in knowledgeable hands, windows is still less secure than any *nix derivative in equal or lesser hands. Why? One reason is because of DLL code injection. Another is the completely clueless way MS architected the (in)security system.

      --
      The cesspool just got a check and balance.
    9. Re:Some Helpful Advise by man_of_mr_e · · Score: 3, Insightful

      He didn't say nobody gives a shit about apple. He said, nobody gives a shit about attacking apple's products (Macs in particular).

      Here's a hint. Say you are going to write a mean nasty program whose sole purpose is to make you money, and tons of it. Will you, a) target 5% of the computers in the world, or b) target 90% of the computers in the world?

      I know which one I would do. And if you answer differently, then you either aren't being honest, or you have a very warped idea of how malware writers think these days. It's all about return on investment, and they are spending a LOT of money buying 0 day vulnerabilities and writing tons of code to exploit them, rootkits, etc.. it's not just kids in their parents' basement trying to put penises on people's screens anymore.

      Nobody gives a shit about the "challenge" of the hack, if it doesn't make them lots of money.

    10. Re:Some Helpful Advise by Runaway1956 · · Score: 4, Funny

      "Here's a hint. Say you are going to write a mean nasty program whose sole purpose is to make you money, and tons of it. "

      Alright, who leaked Bill Gates's business plan?

      --
      "Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br
    11. Re:Some Helpful Advise by man_of_mr_e · · Score: 4, Interesting

      Linux and FreeBSD boxes get hacked all the time. One can claim it's because people use weak passwords or use the same password on their box as they do on every site on the internet, and there are probably a lot of those boxes that are compromised that way, but a lot are also due to flaws in software installed on Linux boxes. Spend some time going through sites like Zone-H and you'll see that Linux sites get successfully attacked as much, if not more so than Windows servers (the numbers change from day to day).

      You're living in a dream world if you think Linux security is any better or worse than anyone else's. Most Linux boxes have 1000x more software installed on them, and each software package is a potential security flaw waiting to happen. Most of those can only compromise the account it runs on, but attackers are getting smart and creating blended attacks that include multiple vulnerabilities, including local root vulnerabilities that get executed via a user-level remote attack.

      But really, the only people who attack Linux boxes are those looking to either brag, or those looking for fat pipe DDoS zombies. Malware authors, who target stupid users who will pay $50 to the fake virus writers are going to target the vast majority of systems.. ie windows.

    12. Re:Some Helpful Advise by dAzED1 · · Score: 5, Insightful

      tired response is tired.

      The money is on UNIX systems. That's where the large banks are running their transactions, where stock is being traded, where the military is running its services, where engineering designs are stored, etc. omgponies you hacked grandpa's 10 year old computer, and added it to your botnet...just what did that get you, really? For just a few $k a month I could build an ec2 cluster that would destroy any botnet in sheer computing power...mostly because I wouldn't have to deal with crazy queuing mechanisms, or nicing the tasks down enough to not be noticed by the user.

      The reality is, more than anything this tired "people hack windows boxes because they can win more" response pretends to suggest, that UNIX is phenomenally more secure on a basic, fundamental, architectural level than Windows. Out of the box, I can trust an app on a RHEL os. Out of the box, I can't even plug a windows machine in to a network without being behind a firewall. I've literally seen, with my own eyes, windows machines get compromised in less than 20 minutes of being online. Sure sure, sample sizes and all that...except, I've also managed hundreds of unix machines at a time without any concerns on them.

    13. Re:Some Helpful Advise by X0563511 · · Score: 2, Funny

      Running a server on windows is like taking your head and slamming in a doorway 100 times, it's painful.

      Not only painful, but the risk of brain damage is higher too!

      --
      For large sets, this will be our guide even unto death, for the LORD will work for each type of data it is applied to...
    14. Re:Some Helpful Advise by sg_oneill · · Score: 3, Insightful

      Posting from a mac here, so don't get me wrong. But Apple's market increase is not about macs, it's about iphones ipods and now ipads. Macs are great things, ain't no doubt about it, solid well engineered and damn reliable machines, but it's still undoubtedly a minority platform.

      --
      Excuse the Unicode crap in my posts. That's an apostrophe, and slashdot is busted.
    15. Re:Some Helpful Advise by Anonymous Coward · · Score: 3, Interesting

      Now we are comparing UNIX boxes that run financial institutions to Windows XP boxes run by 14 year old girls whose primary concern in life is whether or not facebook.com loads?

      Hilarious.

      UNIX systems in Banking institutions are run by competent people and sit on a network secured by competent people. It's much easier and less risky to take control of 100,000 Windows machines run by people with zero knowledge of security and next to zero chance of figuring out they are infected than infiltrate a corporate network owned by a bank and run by a professional. Some bank machine getting hacked is going to attract a ton of law enforcement attention whereas 100,000 Windows boxes being owned is going to attract nothing.

    16. Re:Some Helpful Advise by man_of_mr_e · · Score: 4, Insightful

      What a ridiculous line of reasoning. The money is in lots of different systems. Unix, Windows, but largely IBM Mainframes running OS's like MVS.

      But what OS is used is irrelevant, because those systems are well protected by more than just the OS itself. Further, those systems have the power of the FBI, CIA, NSA and others behind them to track down anyone who might be capable of penetrating the impressive outer security to get to the OS itself. No (sane) hacker wants that reign of hurt to come down on them.

      Then, even if you get access.. then what? You have to figure out how to get the money out. That's not an easy thing to do, since there are tons of safeguards in place to prevent money from just evaporating.

      It's *MUCH* easier to compromise low-security desktop machines and take over someone's checking account, transferring a few hundred or thousand dollars using the user's own credentials to someplace offshore. Or, it's even easier if you get the user to do it themselves (ala fake anti-virus).

      Your "reality" is not any kind of real "reality".

      Wow, you hook a 10 year old operating system up to the internet without any kind of security, and it gets compromised in 20 minutes. Great. I guarantee you a 10 year old copy of Linux could get compromised just as easily if someone had merely had the motivation to write the code to do it.

      And trust me, a 10 year old unpatched copy of Linux probably has 10,000 or more vulnerabilities that could be exploited to do so... if anyone cared to.

    17. Re:Some Helpful Advise by toadlife · · Score: 2, Insightful

      The Windows admin will be going to enormous effort to make everything "just work" without logging in as the NT equivalent of root,

      An inexperienced Windows admin might. I haven't had that problem.

      any reasonably young distro locks root login by default.

      "locking" root (I assume you are talking about distros like Ubuntu) provides no extra security. root is not really locked, as root permissions are used every time sudo is invoked. Besides that, in the case of Ubuntu, the default settings for sudo - to cache the password for a time after sudo is invoked allows any process running under a user's credentials to capture root permissions as soon as that user invokes sudo - basically a built in - *designed in* - privilege escalation vulnerability.

      --
      I don't always use unix-like operating systems; but when I do, I prefer FreeBSD.
    18. Re:Some Helpful Advise by dAzED1 · · Score: 3, Interesting

      the point is that the value isn't by building a bigger botnet, it's by getting prime targets. If it takes you 10,000 times more effort to get on the large banking system than it does to break on to a windows7 box someone uses at home...so what, it's likely going to be that much more valuable. Even with massive, massive numbers of compromised systems, botnets aren't a money-making venture. Getting that random keylogger to get access to someone's bank account is FAR, FAR more difficult than shooting a spam email to 100,000 people just asking them for the info - you'll get it from a few of them. No need to actually break on to a box for that sort of thing, you just break the person. The OS is thus irrelevant.

      Linux isn't less of a target, it's *more* of one. There is less success hacking it not because people don't want to hack it, but instead...wait for it...because it's more secure. I could go over the reasons why in detail, but if you haven't figured it out for yourself after all these years, then...hey, fanboi away.

    19. Re:Some Helpful Advise by drsmithy · · Score: 2, Insightful

      The money is on UNIX systems.

      Which are professionally managed and monitored. Why would you target them, when you can target the (typically) very UNprofessionally managed and monitored client machines, which have access to everything that matters on those central systems?

      Obligatory car analogy: would you try and steal the locked car kept in a brightly lit garage with a guard watching it 24x7, or would you try and steal the unlocked car parked in a dark back alley on the edge of town that's only driven a few times a week ?

      The reality is, more than anything this tired "people hack windows boxes because they can win more" response pretends to suggest, that UNIX is phenomenally more secure on a basic, fundamental, architectural level than Windows.

      In what way ?

      Out of the box, I can trust an app on a RHEL os.

      What about the users ? Most security breaches come from users, not from software flaws or bugs.

      Out of the box, I can't even plug a windows machine in to a network without being behind a firewall. I've literally seen, with my own eyes, windows machines get compromised in less than 20 minutes of being online. Sure sure, sample sizes and all that...except, I've also managed hundreds of unix machines at a time without any concerns on them.

      Plug a comparably configured and aged RHEL machine, unprotected, on the 'net and it's going to get cracked as well.

    20. Re:Some Helpful Advise by penix1 · · Score: 2, Insightful

      If you leave everything set to auto-login, then you are asking for trouble. Amazingly, many still seem to do this, even though they are often young enough to have never been brought up to the bad habits people acquired with DOS.

      That really can't be blamed on the user. The blame rests squarely on both Microsoft who encouraged it with their "Home edition" and large scale computer distributors (HP in particular) where the default is auto-login. And not just any auto-login but administrator auto-login. It comes from the dumbing down of the OS to gain the dollars of the unwashed masses. We all know grandpa is too dumb or will get too frustrated having to enter passwords (much less really secure passwords).

      --
      This is a sig. This is only a sig. Had this been an actual sig you would have been informed where to tune for more sigs.
    21. Re:Some Helpful Advise by s13g3 · · Score: 3, Insightful

      Er... stupid 4chan meme is... lame and old and tired and, well... stupid.

      Let's see, where to start... Ok, yes, large computing operations are all done on *nix. I manage THOUSANDS (note the plural) of *nix servers (and nearly as many Windows servers), and while I'm much less concerned about their default installs on a *nix, even those are just as capable of being compromised, especially depending on the distribution. And no, RHEL is not what I'd consider one of the more secure ones, unless you're also leaving SELINUX enabled, which robs the machine of a great deal of functionality and connectivity: put a default Plesk install on a *nix machine on a non-firewalled publicly addressable IP and watch how long it takes to get compromised - I can do it in under 3 minutes. You also probably have no idea just how many production *nix servers are hopelessly behind on kernel and other system updates, leaving them vulnerable to a dizzying array of compromises and exploits against everything from HTTP to SSH to webmin/usermin. Much like a Windows system, even *nix systems need some post-install configuration to ensure their safety, as well as continuing maintenance and updates, otherwise over time they become just as vulnerable as anything else, and there is no dearth of noob *nix admins who think that simply using a *nix makes them invincible and regular security maintenance unnecessary.

      Also, yeah, let's see how long your "few $k a month" server(s) stands up to 10GB/s sustained DoS from Zeus or the remnants of Mariposa - unless it isn't connected to a switch that is in turn eventually connected to something else, in which case it's more or less useless for business. Botnets aren't used for computing power, and if they in fact were, I do believe you'd be rather chagrined by your above statement. There's a REASON that the various BOINC projects have been running so long, and not just because it's cheaper: it's because they crunch far more data in these distributed applications than they could do in their own server farms at any reasonable cost. Once again, this isn't the point.

      Additionally, you missed the points raised by other posters above re: low-hanging fruit. You don't go after the better-administered (and a lot of Windows server admins use Windows because they have no admin skills at all), better secured servers, you go after the easy ones. Ones you can get a trojan on a 5 million Windows desktops and servers, stealing passwords and credit-card information from the former and using the latter to host the attack sites distributing your malware.

      As man_of_mr_e said, especially if you live in a civilized country (which does not include China, Russia, N. Korea, Iran or Brazil, IMNSHO), then attacking a corporate system with the risk of the FBI etc. coming after you is not remotely worth it, especially when you can go after individuals who are unlikely to ever successfully initiate any sort of law enforcement action. "Grandpa's 10 year old computer" probably has his bank password on it, however.

      --
      "Inveniemus Viam Aut Faciemus" 'We will find a way... Or we will make one!' --Hannibal of Carthage
    22. Re:Some Helpful Advise by toadlife · · Score: 2, Insightful

      That's a privilege escalation vulnerability. Those have existed in every OS since the concept of privilege separation was first introduced. Like that one, many vulnerabilities (read: sshd) end up being present for several years before being discovered/disclosed.

      Your original post inferred that Windows contained an inherent design flaw that always allowed dll code injection, which is bullshit.

      --
      I don't always use unix-like operating systems; but when I do, I prefer FreeBSD.
    23. Re:Some Helpful Advise by man_of_mr_e · · Score: 2, Insightful

      You are confusing "vulnerable" with "exploited". I guarantee you that your system is vulnerable. There are several high profile apache vulnerabilities, for instance. I'll also bet you've applied security patches, which is not the same thing as taking a stock, unpatched system and connecting it directly.

      I'll also bet you've enabled and properly configured the firewall, something most people simply won't do.

    24. Re:Some Helpful Advise by man_of_mr_e · · Score: 2, Insightful

      The part you keep forgetting is that 100% of the mac market isn't anywhere near as lucrative as 10% of the Windows market. So having 100% of the mac market (even if you could get that) won't make you as much money as infecting 10% of windows boxes.. yep, you know where they're going to go.

    25. Re:Some Helpful Advise by man_of_mr_e · · Score: 2, Insightful

      Whether or not Windows is "low hanging fruit" or not is a matter of opinion, but the fact is.. it doesn't matter.

      Even if windows were 100x more secure than any other OS, it would still have the majority of the malware. Guaranteed. Because it has the majority of the reward.

      Hackers may be lazy by nature, but they will do whatever work is required to get the job done (and usually no more). So one cannot look at the amount of exploitation as an indication of the level of security, since one also has to look at the motivations of the attacker, and the ability of the target to provide what the attacker seeks.

      Unix and Mac systems do not provide the level of reward that Windows systems do, and none of them have any serious consequences for failure.

      Sure, ATM networks would be the holy grail, except the consequences of failure are very high, and there are lots of people willing to hunt you down if you screw up in attacking something like that.

      Not so much with desktop PC's.

    26. Re:Some Helpful Advise by md65536 · · Score: 2, Insightful

      But they have improved, and this should be both acknowledged and encouraged.

      Sure, maybe in Linux vs. Mac vs. Windows forums such as slashdot. But pertaining to the original story, that of Google dumping Windows, Microsoft is being -1 off topic in talking about how much their grades have improved in remedial school. That's beside the point. It is not Google's responsibility to pat Microsoft on the back for making strides to catch up to where they should be. Good for Google, I say, to have the means to dump Windows for something that suits them better. Nothing encourages Microsoft to improve their products, more than losing market share. It's just too bad for them that they waited so long to start.

    27. Re:Some Helpful Advise by dAzED1 · · Score: 2, Interesting

      Er... stupid 4chan meme is... lame and old and tired and, well... stupid.

      I honestly don't know what the fark you are talking about.

      Also, yeah, let's see how long your "few $k a month" server(s) stands up to 10GB/s sustained DoS from Zeus or the remnants of Mariposa

      Wow. Well, you um...quoted part of that sentence, and either ignored or didn't understand the rest. Let's repeat it, shall we?

      "For just a few $k a month I could build an ec2 cluster that would destroy any botnet in sheer computing power"

      Unless you're a person merely after epeen, then botnets are outdated. If you're actually trying to do something useful with a horde of computers, then that's another matter. I have lots of ec2 instances that cost me 3.1 pennies...that's $0.031....per hour to run. That's with 1.7G of ram, and I don't even remember how much disk space (I discard what it comes with and use ebs, so meh). So let me repeat - for just a few $k I could build a globally distributed ec2 cluster running out of dozens of different data centers, and serving content from globally distributed CDNs. Your grandpa XP box botnet will indeed have a hard time not only doing something useful, but even taking down such a beast. That said, I don't need to get crazy with any such clusters, because...well, I'm not trying to compete with large botnets :) But for the effort required to create and manage one, I could do better in the cloud. It's why botnets are dying.

      Additionally, you missed the points raised by other posters above re: low-hanging fruit.

      Farking bloody hell I did not. I deliberately and distinctly said I disagree with that notion. The fruit is hanging lower not because it's more prolific, but because it's easier. Social hacking is OS-agnostic, and is more rewarding than going after grandpa's info brute-force, because...well, who the hell knows where he put that bank info, but if you can send out 500,000 spam emails saying people need to send in their bank info or they'll lose their accounts...and only 10 of them reply...it just cost you almost nothing to get that money. Far less effort than actually trying to break on to 500,000 boxes and rifle through their files.

      Windows is hacked via script-kiddies that use old, easy, exploits. It's hacked via silly exploits that make your computer do silly things. And almost all the time, the net result is your computer is farked up, and you need to clean it. Generally, considering the automated nature of the hacking, they haven't done anything useful yet if you figure it out relatively soon.

      And not a damn bit of that has anything to do with the fact that unix was built as a multi-user server environment, with no regard for clippie, games, or etc - while Windows was built as a single-user desktop environment, with no regards to ssh, stuff other people want to do on the machine, etc. They're just different systems, meant for different things. MS can try to dress up their latest thing as some new monster, but really...they should just be pointing out that their OS is far more user-friendly and intuitive to the general public than unix is, but that such comes with a cost. The old adage goes pick 2: cheap, fast, good. Windows chose cheap and fast. Maybe the great innovator Gates shouldn't have been so dismissive of the Internet for so long, and he wouldn't still be playing catch-up.

    28. Re:Some Helpful Advise by TiberiusMonkey · · Score: 2, Insightful

      Because if Macs were so easy to hack, as well as all being sat without anti-virus software, I'd pick the easy target for what is still a good 90 million user base. Not only that, but the perk points for writing the first real wide scale OSX virus would be worth it, alone. I'm only willing to listen to this "there are more Windows machines than OSX machines" argument for so long, OSX was released in 2002 and yet there is still nothing. Sure if there was one or two viruses out there I'd see your point, but nothing? No viruses at all?

    29. Re:Some Helpful Advise by Bert64 · · Score: 4, Insightful

      That's entirely the point, on paper windows has a very impressive set of security features, but once you get down to trying to use them the cracks show...

      The password hashing is trivially weak compared to what other systems have...
      The authentication system is tied in to the hashing algorithm so it can't easily be changed without breaking things...
      The authentication system is designed such that you never need to send the plain text password over the network, but you don't need the plain text password - you can just use the hash (google for hash spraying or the windows auth model is broken)...
      Many of the group policy restrictions are implemented in userland applications and are easily bypassed...
      Windows and its associated network protocols are extremely complex (greater complexity leads to greater chance of bugs) and in those network protocols there is often no clear demarcation between what functions can be accessed pre-auth and what's available post-auth... RDP for instance establishes a full gui session *before* you log in meaning any of those gui functions are open to attack by unauthenticated attackers...
      File extensions are used to differentiate between types of file and whether a file can be executed or not, although windows does implement execute permissions through acls they usually allow execute by default. a remote web/ftp/whatever server can control the filename but not the permissions...
      The complexity of the windows security system means that very few people try to use it fully, and those who do need to expend significant effort to get things working with it. Because so few people harden their systems in this way, very few applications are designed to run in such an environment and many simply don't.
      Windows is generally not modular, so removing things you don't need is far more difficult than it should be, win2k8 has gone some way in this regard but it's still a long way from the package managed modularity of linux.
      Windows has a very messy filesystem layout, files are randomly lumped together in the windows and system32 dirs, unix has a far more sensible design which lets you do things like keep core parts of the system on read-only media.

      Windows is an unholy over complicated mess, consisting of parts of a relatively well designed OS (NT), merged with parts of an extremely poorly designed OS (win9x) and various poorly designed subsystems on top...

      Unix on the other hand keeps it simple, it's easy to know exactly what's going on with a unix system, and the more you understand about a system the better you can monitor and harden it.

      --
      http://spamdecoy.net - free throwaway anonymous email - avoid spam!
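The comment above says an attacker who holds the password hash does not need the plain text password. As an added illustration (not part of the original thread, and a toy protocol rather than the actual Windows authentication code), the sketch below contrasts a challenge-response scheme keyed by the stored hash with a simplified SCRAM-style verifier in the manner of RFC 5802; all function names and the sample password are constructed for the example.

```python
import hashlib
import hmac
import os

# Constructed sample credential for the demo.
SAMPLE_PASSWORD = "correct horse battery staple"


def digest(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def mac(key: bytes, msg: bytes) -> bytes:
    return hmac.new(key, msg, hashlib.sha256).digest()


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


# Scheme A (hypothetical): the server stores an unsalted hash, and that same
# hash is the key for the challenge-response. The hash is password-equivalent.
def a_enroll(password: str) -> bytes:
    return digest(password.encode())


def a_respond(secret_hash: bytes, challenge: bytes) -> bytes:
    return mac(secret_hash, challenge)


def a_verify(stored_hash: bytes, challenge: bytes, response: bytes) -> bool:
    return hmac.compare_digest(mac(stored_hash, challenge), response)


# Scheme B (simplified SCRAM-style): the server stores H(ClientKey), while the
# client must prove knowledge of ClientKey, which the record does not reveal.
def b_client_key(password: str, salt: bytes, iterations: int) -> bytes:
    salted = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return mac(salted, b"Client Key")


def b_enroll(password: str, iterations: int = 4096):
    salt = os.urandom(16)
    return salt, iterations, digest(b_client_key(password, salt, iterations))


def b_respond(client_key: bytes, challenge: bytes) -> bytes:
    # Proof = ClientKey XOR HMAC(StoredKey, challenge)
    return xor(client_key, mac(digest(client_key), challenge))


def b_verify(stored_key: bytes, challenge: bytes, proof: bytes) -> bool:
    recovered = xor(proof, mac(stored_key, challenge))
    return hmac.compare_digest(digest(recovered), stored_key)


def compare_schemes(password: str = SAMPLE_PASSWORD) -> dict:
    """Check what a copy of the server-side record alone is worth."""
    results = {}

    stored_hash = a_enroll(password)
    challenge = os.urandom(16)
    results["A_legitimate"] = a_verify(
        stored_hash, challenge, a_respond(a_enroll(password), challenge))
    # Only the server record is known, never the password.
    results["A_record_only"] = a_verify(
        stored_hash, challenge, a_respond(stored_hash, challenge))

    salt, iterations, stored_key = b_enroll(password)
    challenge = os.urandom(16)
    results["B_legitimate"] = b_verify(
        stored_key, challenge,
        b_respond(b_client_key(password, salt, iterations), challenge))
    # The record is tried in place of the client key and is rejected.
    results["B_record_only"] = b_verify(
        stored_key, challenge, b_respond(stored_key, challenge))
    return results


if __name__ == "__main__":
    for name, accepted in compare_schemes().items():
        print(f"{name}: {'accepted' if accepted else 'rejected'}")
```

A Scheme B record can still be attacked by offline password guessing, which is why it is salted and iterated.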
    30. Re:Some Helpful Advise by mjwx · · Score: 2, Informative

      tired response is tired.

      Uninformed response is uninformed.

      The easy money is not on Unix, it's on Windows. So Vladmir Q MalwareWriter wants to build a botnet to sell to spam or DDOS services, is he going to pick 1% of the world's most powerful but well protected computers or 90% of computers where at least 60% of that market doesn't care about security in any meaningful way?

      Yes, the big money is on UNIX, banks, stock exchanges and so forth but these orgs have dedicated security teams monitoring the systems 24/7. Like the GP said, do a quick cost/benefit analysis here, there is less money on Windows but it's dozens of orders of magnitude cheaper and easier to get. Ultimately, if you are doing something clandestine on someone else's equipment you do not want this noticed by the people using that equipment. How long would a trojan remain undetected in a bank?

      The reality is, more than anything this tired "people hack windows boxes because they can win more" response pretends to suggest, that UNIX is phenomenally more secure on a basic, fundamental, architectural level than Windows. Out of the box

      But it is. Out of the box, Ubuntu (arguably, one of the weakest distros in terms of *nix security) is miles ahead of Windows and Mac OSX (both still permit blank passwords).

      Here's the rub, it is not easy to configure *nix to be less secure than Windows but it can be done. Mac OSX has almost done it (saved by the virtue that OSX does enforce separate user permissions). Windows and OS X are very difficult to secure properly unlike Linux and other *nixes. OS X makes it even more difficult because Apple insist on propagating a false sense of security around Macs (you can't get viruses, OS X is 100% safe). Security through obscurity, Macs can get viruses and trojans the same way 90% of windows boxes get viruses and trojans, the user installs them and giving the user a false sense of security will only exacerbate this. If OSX gains a significant market share we will see OS X viruses becoming as abundant as Windows viruses because the biggest weakness for any system remains in the end user.

      --
      Calling someone a "hater" only means you can not rationally rebut their argument.
    31. Re:Some Helpful Advise by AlexiaDeath · · Score: 2, Insightful

      You are right about the low hanging fruit. There's a catch tho. A *nix system is never going to be a low hanging fruit, even if the admin is a dumb user. Why? Because it's not a monoculture. For the same reason it's so hard to provide a Linux binary that will work for every version it is also hard to devise an attack that would compromise a significant number of Linux machines because each of them is in some way different. Even if one install is old and unmaintained, there is no critical mass of systems like it.

    32. Re:Some Helpful Advise by zeropointburn · · Score: 2, Insightful

      Your last point is worth exploring further. If Linux systems comparable in age to XP are compared, there are in fact exploits in the wild. That would invalidate the argument that linux is too low in install-base to be targeted. What we see today is that with very few exceptions, 10-year-old linux systems aren't in use because they have been updated, patched, made more secure.
        If we assume that the 10yo RHEL and the unpatched XP boxes are equally secure, then over time RHEL gains security when compared to the XP machine due to more frequent fixes. It may lose ground (though not necessarily fall behind) at XP service pack releases, but over the lifespan of the systems the linux system is normally more secure than the windows system.
        Both systems require actions considered arcane by joe user when a difficult patch or upgrade comes along. For Windows, this is often because the necessary setting is buried beneath a mountain of dialogs, panels, and warnings (if the upgrade even does what it says it does). For Linux, this is often because the user must first obtain appropriate privilege, find the config file or script, and make specific text changes. It is confusing on both sides for the general user. For the more advanced user, Linux is far less irritating and insulting. It can be more work to get something working right sometimes, but it is often a lot less work to get back to that state after a serious problem.
        My requisite example would definitely be MS-SQL server 2005. With multiple instances, uninstalling one instance also uninstalls the tools necessary to remove other instances. A massively complicated series of steps involving registry edits, manual file deletion, special MS utilities, and a healthy dose of prayer (or chicken sacrifice) is necessary to get the box working again without a full reinstall. In fact, the repair process is far more complicated than backup > format > reinstall OS > reconfigure.

        I guess what I am saying is that most Linux systems are run by competent people, and that certainly does contribute to the platform's reputation for security. Even if you are not entirely competent, Linux can be made secure with a lot less effort than Windows and that also contributes. For Windows, though, the efforts made for security are often too little, too late, or too difficult. It is getting better, but it hasn't reached 'good' yet. How about a sandbox for suspicious executables? Let joe user drag his email attachment/activex control/shareware program to the sandbox (or let windows silently do it for him) and let it execute there, with no access to anything exploitable. If it is some harmless inane video, great. If it's a virus or if it tries anything stupid then the system quietly deletes it with no damage done. Sure it's more extreme than anything we would tolerate on linux, but how many hundreds of bank accounts and how many tens of thousands of windows reinstalls could that one feature save every day? (not to mention the bandwidth cost to Microsoft for the massive backlog of patches and updates after said reinstalls)

      --
      -1 raving lunatic; +6 subGenius... Things even out...
  2. ROFL? by snowboardin159 · · Score: 2, Insightful

    can i be the first to just say... ROFL

  3. Security? by WahCheng · · Score: 5, Insightful

    Security is NOT about patching holes, a system must be designed from the ground up to be secure. Doze and its predecessors were NEVER designed this way. Mind you, it's created one hell of an industry patching holes.

    1. Re:Security? by hedwards · · Score: 2, Insightful

      That's just the thing, investment is one thing, but what has been their return on investment in terms of security? Are they really getting their money's worth out of it, or are they just throwing it down a hole like they've been doing on IE? It's not just the investment, it's the stupid ideas that they've failed to kill, most notably activex and the tight integration into the OS.

    2. Re:Security? by MrEricSir · · Score: 5, Insightful

      They've added a lot of security. For example, when I debug an application on Windows 7, I have to click four dialog boxes instead of just one. If that isn't real security, I don't know what is.

      --
      There's no -1 for "I don't get it."
    3. Re:Security? by Barny · · Score: 3, Insightful

      This is the total point, it shouldn't matter if your apps have holes in them or not (although "not" would be best), they should never have the kind of privileges that allow things to take over (do a little search for "smitfraud" and you will understand what I mean).

      They seemed to be going top-down for a long time, when only now are they starting to realise that sandboxing (UAC) the user from the OS is a good idea, not the best, not 100%, but they are almost on the cusp of "getting it" at last :)

      --
      ...
      /me sighs
    4. Re:Security? by hedwards · · Score: 4, Insightful

      A shill's a shill. UAC in vista was more or less completely worthless because it was so intrusive that nearly everybody turned it off. Patch Tuesday is not the definition of prompt security updates. The permission system they use has gotten a lot better over the years, but it's absolutely inexcusable that Windows XP was allowed to ship without a proper security model. Yes, that's kind of an old OS, but it is still heavily used in the Windows world and it did ship at a time when proper security models dating back decades before indicated that running everything as admin was bad. Technically you didn't have to, it's just to get any work done at all you had to be.

      Some of these things MS has fixed, but most of it is just whitewash. The internet was never something they planned for. And it took them a really long time to even consider stopping to just fix things properly. Sure they may spend more time and money on security than the competition, but is it being productive? The actual effect is what's important, not the amount of resources.

    5. Re:Security? by WrongSizeGlass · · Score: 5, Funny

      They've added a lot of security. For example, when I debug an application on Windows 7, I have to click four dialog boxes instead of just one. If that isn't real security, I don't know what is.

      Well, four is greater than one. A car has four wheels and a unicycle only has one. A car is more secure than a unicycle. In fact, in a collision between a car and a unicycle the passenger(s) in the car will always be safer - even if the car isn't moving. Based on the preceding car analogy I can confidently declare Windows 7 is more secure than a unicycle.

    6. Re:Security? by edelbrp · · Score: 2, Insightful

      True.

      One argument that seems to come up over and over again when the topic of security comes up is that Windows is targeted because it's more popular. The fact is that modern networked equipment, from routers to printers to VoIP gateways, to gaming consoles, to cable modems, to smart phones, etc. run an OS with a network stack. Often many of these devices go for years without patches. I would argue that there are more non-Windows based networked computing devices than Windows PCs. I would also argue that hackers would love to sink their teeth into all those identical game consoles and other devices so they can skim CC #s and do the usual botnet activities of spam and DoS attacks.

      Yet, it's rare that we hear of an exploit for those devices, while at the same time, it's so common to have a Windows computer get infected with something that it's almost considered a normal occurrence. From one point of view, it could be seen that Windows PCs have more general utility and therefore more security risks, particularly for attacks that rely on the user to do something to enable the attack. But, on the flip side, lots of identical appliances only need one attack vector to make them all susceptible and they are less likely to have the ability to phone home for security updates.

      Microsoft's track record is horrible, and it's complicated by the fact that they not only make it a hassle to get updates, but there's often little incentive in the way of new features or assurance that it won't break something. Windows' security problems may also stem from the history of the OS not putting a priority on networking and therefore, security (remember Bill saying the Internet was a fad and just a home-shoplifting-network?).

    7. Re:Security? by blair1q · · Score: 2, Informative

      UAC in vista was more or less completely worthless because it was so intrusive that nearly everybody turned it off.

      Only people who didn't read the directions turned it all the way off.

      I turned it down so that it only pops up if I'm about to install something. Now it only pops up if I'm about to install something. Oboy, click this box to install; yeah, I meant to install that, thank you for checking. Like that's a big hassle. In general, because of the improved installation system, it's still a lot fewer clicks than it used to be.

    8. Re:Security? by nmb3000 · · Score: 4, Insightful

      Security is NOT about patching holes, a system must be designed from the ground up to be secure. Doze and its predecessors were NEVER designed this way.

      Is that why Ubuntu 8.04 prompts me to install some hundred or more security updates after installing it? No software is perfect and anyone who thinks that the only secure system is one that is "designed from the ground up to be secure" either A) has never worked on a large software project and/or B) doesn't have a clue what they're talking about.

      What is so fundamentally more secure from a design perspective about the Linux kernel compared with the WinNT kernel? How about a distribution like Ubuntu compared with Windows XP/Vista/7? Since one was "designed from the ground up to be secure" I sure hope you can point out a few design choices specifically.

      Since all software (even the Linux kernel and its ilk) has security holes, the ability and speed at which you discover the exploits and issue fixes for them is at least as important as the initial design and coding of the program. It's naive and obtuse to think any complex system will be perfect from the get-go.

      --
      "What do you despise? By this are you truly known." --Princess Irulan, Manual of Muad'Dib
      /)
    9. Re:Security? by Iyonesco · · Score: 2, Insightful

      Everything in Windows 7 takes four times as many clicks as in XP so that's simply consistent user interface design.

      It's a shame that the one and only aspect of the Windows 7 interface that is consistent is somewhat of a negative one.

    10. Re:Security? by man_of_mr_e · · Score: 2, Insightful

      But.. but.. you don't know what you're talking about...

      Security patches on Linux are evidence that Linux has such a secure system that patches can be found so easily. Security patches on Windows are evidence that Windows sucks.

      Get with the program.

    11. Re:Security? by 0123456 · · Score: 3, Insightful

      So let me get this straight, UAC is both:
      1) Too easy to ignore as you just have to click 'yes' every time
      2) Too intrusive as it pops up whenever a program requires administrative privileges

      Sure, don't bother to respond to what I post when you can just make stuff up instead.

      At least as far as point 2 goes, mac os and many linux distros are "worse" as they not only prompt, but require your user name and password.

      Like that.

      Linux occasionally asks for my password or the root password (depending on the distribution) when I'm performing some kind of system maintenance. The only time it asks for a user name is when I log in.

      Windows asks me to click yes to allow SuperFoobarScreensaver wants to access the program files directory; how the hell is anyone supposed to know whether it's trying to update a configuration file that the dumb developer stuck in the program files directory, or install spyware into IE? Worse, it happens so often running ordinary everyday software that pressing 'yes' becomes second nature.

      Windows 7 has an OK kernel with a bazillion lines of crud on top in order to support old software that thinks it's running on a single-tasking DOS with no security. That is why Windows will take at least a decade to be anywhere near as secure as a real operating system, because it has to burn off the crud first.

      The concept of Windows's UAC is fine, it just boils down to poor UI design.

      Which is what I said.

    12. Re:Security? by Barny · · Score: 2, Insightful

      Sandboxed so far as user limits (as in linux) or even browser windows (like in chrome browser), yes it does have overheads, but really, isn't security worth a little extra CPU time since without all those anti-virus and anti-spyware apps running we can free up a whole lot of resources?

      --
      ...
      /me sighs
    13. Re:Security? by shutdown+-p+now · · Score: 2, Interesting

      A security model ain't worth crap when so many applications won't run if you're not an administrator.

      That's not a problem with security model. It's a problem with applications. Most of them don't have to be designed to, say, write to "C:\Program Files" - indeed, most can be trivially changed to avoid this - but they still do, because developers are lazy, and because you could do that in Win9x. This has nothing to do with XP as an OS at all.

      Probably because you're talking crap. People don't complain about gksudo because they hardly ever see it, and generally only do so when performing some kind of operation that absolutely requires admin privileges; UAC comes up routinely when you run ordinary every day pre-Vista software and with some that's not even that old.

      Again, "UAC coming up routinely" is not part of the OS security model. It's a problem with badly coded legacy applications.

      Note, I'm not arguing that it's not a problem. It definitely is, which is why e.g. to get "Certified for Vista/7" sticker you have to write apps properly - so Microsoft pushes software developers to fix this in their apps. However, your original comment says:

      Windows XP was allowed to ship without a proper security model.

      and my point is that none of your examples demonstrate any flaws with security model of Windows XP per se.

    14. Re:Security? by w0mprat · · Score: 2, Insightful

      Security is not a one time design effort. It's an ongoing process. The layout of interface is a one time design effort, because if you get that wrong it is a problem every single time your interface is used a flaw wastes a little of someone's time, and it's hard to make changes without pissing off your user base.

      Security is the opposite. Great design should not be your focus. It helps, but you cannot foresee everything.

      Microsoft not only never planned for the internet but they failed to be a moving target also.

      --
      After logging in slashdot still does not take you back to the page you were on. It's been that way for 20 years.
    15. Re:Security? by Ash-Fox · · Score: 2, Informative

      So go ahead, explain what exactly is improper in Windows XP security model, preferably in comparison to "proper security models dating back decades".

      I'm not the original poster, but some things I was doing in Ubuntu before Vista was even out. I have no idea when these things came into existence, but I believe these concepts already existed previously in other systems. All daemons with the exception of x.org were running under their own restricted user name accounts that were locked down enough to not touch the rest of the system while Windows runs daemons under various accounts including SYSTEM, LOCAL SERVICE, NETWORK SERVICE which all have varying degrees of access to the rest of the system which is how many Windows worms are capable of accessing the rest of the system.

      As for UAC, it's exactly the same as gksudo.

      I don't see how, gksudo is not wrapped around applications waiting for them to perform some operation that requires extra permissions and then prompting about it. It requires you run the command in question as the given user if you wish to do so. Unlike UAC however, these commands are usually simplified in some way such as you will see it prompting to run '/usr/bin/updatedb' as gksudo rather than application want to do action "{0f15391e-105f-4b05-91e3-48b73c60ae63}". Even for power users, stuff like "{0f15391e-105f-4b05-91e3-48b73c60ae63}" makes no sense. Does that mean it's going to install adware in IE? Does that mean it's just going to read/write some configuration settings? No idea. At least with gksudo you could see exactly what script/command it was executing and investigate.

      gksudo also is not vulnerable to window messaging APIs like UAC is, whereby you can craft various specially crafted applications to push buttons and such (hint: just get the application to toggle compatibility flags to get around windows 7's fixes against that) which defeats the whole purpose of Microsoft locking down console 0, but alas...

      I can think of other things employed such as intrusion detection and elimination done on Linux via things like apparmor and selinux. Windows' closest functionality to that is group policy settings and unfortunately it is nowhere near as capable.

      I hope this was sufficient enough to answer your question.

      --
      Change is certain; progress is not obligatory.
    16. Re:Security? by shutdown+-p+now · · Score: 2, Informative

      All daemons with the exception of x.org were running under their own restricted user name accounts that were locked down enough to not touch the rest of the system while Windows runs daemons under various accounts including SYSTEM, LOCAL SERVICE, NETWORK SERVICE which all have varying degrees of access to the rest of the system which is how many Windows worms are capable of accessing the rest of the system.

      It's perfectly possible to run services under other accounts, so it's not a security model problem.

      This is more of an issue with default configuration, which no-one really bothers to change. I agree that it is still a problem, by the way, though there have been some changes in that department in MS products - e.g. SQL Server installer will try to force you to create a separate user account for its services.

      I don't see how, gksudo is not wrapped around applications waiting for them to perform some operation that requires extra permissions and then prompting about it. It requires you run the command in question as the given user if you wish to do so.

      That is precisely how UAC works, actually. A process cannot elevate itself via a UAC prompt. It can only spawn a new, elevated process. Furthermore, this can only be done explicitly - an app written without knowledge of UAC will not cause an elevation prompt to pop up by doing something it's not allowed to do. It'll just get an error code from the API call that it made which will amount to "permission denied".

      Unlike UAC however, these commands are usually simplified in some way such as you will see it prompting to run '/usr/bin/updatedb' as gksudo rather than application want to do action "{0f15391e-105f-4b05-91e3-48b73c60ae63}". Even for power users, stuff like "{0f15391e-105f-4b05-91e3-48b73c60ae63}" makes no sense. Does that mean it's going to install adware in IE? Does that mean it's just going to read/write some configuration settings? No idea. At least with gksudo you could see exactly what script/command it was executing and investigate.

      A well-behaved application will just provide descriptive text to UAC.

      A malicious application can generate a temporary script with contents that contains the actual nasty stuff, but with a convincingly sounding name that is good enough to fool a casual user.

      gksudo also is not vulnerable to window messaging APIs like UAC is, whereby you can craft various specially crafted applications to push buttons and such (hint: just get the application to toggle compatibility flags to get around windows 7's fixes against that) which defeats the whole purpose of Microsoft locking down console 0, but alas...

      Erm, that's the whole point of running UAC prompts on a separate desktop - no application can "push buttons and such" on it.

      Your reference to some compatibility flags that, if I understand you correctly, let one work around that is interesting, but I'm not aware of such a thing. Can you provide references?

      I can think of other things employed such as intrusion detection and elimination done on Linux via things like apparmor and selinux.

      It's a good point, but how many desktop Linux distros run AppArmor or SELinux in practice (and I mean not just out of the box, but rather not disabled or dumbed down to the point of being useless immediately after install)?

      And what about OS X?

    17. Re:Security? by erroneus · · Score: 2, Informative

      I think you have been living in the Windows reality distortion field too long. An application doesn't need "low level access" in order to do useful or even powerful things. To write a 3D modelling app, you don't need a kernel module to gain direct access to memory -- you just need good, proper, APIs such as OpenGL. User-mode drivers have proven to be quite useful in *NIX... take for example "fuse" file systems and the like. How nice would it be in Windows to be able to mount a CD/DVD ISO image or some other [virtual] file system without having to have administrator rights to accomplish this? *NIX can accomplish this rather trivially and securely. Don't need root, just need membership in a group with those focused privileges. (For example, a tty or dialout group that grants a member access to particular serial port/communications devices on the system.)

      Windows is pretty much "need administrator access" for everything. There is "power user" access levels but it's usually quite useless. The Windows security model is great in some ways, but falls short in so many others.

      Now as for what you just said, "for total security, [a program should not] accept data and also connect to the internet at the same time" I can't imagine how else one would run a web browser or even telnet. Having source code to verify what a program is likely doing answers that concern pretty well. Most of us know that we can't completely trust Microsoft Windows for the very reason you just mentioned -- we don't know for sure what it is doing. Is there REALLY a "genuine advantage"?
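The per-daemon accounts and the group-scoped device access (the dialout example) discussed in the comments above both rest on the Unix owner/group/other permission check. The following is an added example, not part of any poster's comment: a Python model of that check over constructed accounts, ids, paths and modes, ignoring ACLs, AppArmor/SELinux and directory traversal.

```python
"""Model of the classic Unix owner/group/other (DAC) permission check.

All accounts, uids/gids, paths and modes below are constructed sample data.
Simplifications (assumptions of this example): regular files and device
nodes only, no ACLs, no LSM (AppArmor/SELinux), no directory traversal.
"""
from dataclasses import dataclass

R, W, X = 4, 2, 1  # permission bits within one rwx triplet


@dataclass(frozen=True)
class Subject:
    name: str
    uid: int
    gids: frozenset  # primary gid plus supplementary groups


@dataclass(frozen=True)
class Node:
    path: str
    uid: int   # owning user
    gid: int   # owning group
    mode: int  # permission bits, e.g. 0o660


def allowed(subj: Subject, node: Node, want: int) -> bool:
    """True if subj may perform `want` (an R/W/X bitmask) on node."""
    if subj.uid == 0:
        # root bypasses read/write checks; execute still needs some x bit.
        return not (want & X) or bool(node.mode & 0o111)
    # Exactly one class is consulted, in this order. An owner whose own
    # triplet denies access is NOT rescued by group or other bits.
    if subj.uid == node.uid:
        bits = (node.mode >> 6) & 7
    elif node.gid in subj.gids:
        bits = (node.mode >> 3) & 7
    else:
        bits = node.mode & 7
    return bits & want == want


def blast_radius(subj: Subject, nodes, want: int = W):
    """Paths a process running as subj could reach with access `want`,
    i.e. what an attacker inherits after compromising that process."""
    return sorted(n.path for n in nodes if allowed(subj, n, want))


# --- constructed sample system -------------------------------------------
SHADOW = Node("/etc/shadow", 0, 42, 0o640)            # root:shadow
PASSWD = Node("/etc/passwd", 0, 0, 0o644)             # root:root
WEBROOT = Node("/var/www/index.html", 33, 33, 0o644)  # www-data:www-data
DBFILE = Node("/var/lib/mysql/ibdata1", 105, 110, 0o660)  # mysql:mysql
TTY = Node("/dev/ttyS0", 0, 20, 0o660)                # root:dialout
NOTES = Node("/home/alice/notes.txt", 1000, 1000, 0o600)
NODES = [SHADOW, PASSWD, WEBROOT, DBFILE, TTY, NOTES]

# Owner triplet is empty while the group triplet grants rw (edge case).
ODD = Node("/tmp/odd", 1000, 20, 0o060)

ROOT = Subject("root", 0, frozenset({0}))
WWW = Subject("www-data", 33, frozenset({33}))       # web daemon account
MYSQL = Subject("mysql", 105, frozenset({110}))      # database daemon account
ALICE = Subject("alice", 1000, frozenset({1000, 20}))  # member of dialout
BOB = Subject("bob", 1001, frozenset({1001}))        # not in dialout

if __name__ == "__main__":
    for s in (WWW, MYSQL, ROOT):
        print(f"{s.name:9} can write: {blast_radius(s, NODES)}")
    for s in (ALICE, BOB):
        print(f"{s.name:9} rw on {TTY.path}: {allowed(s, TTY, R | W)}")
    print(f"alice read on {ODD.path} (owner bits empty): "
          f"{allowed(ALICE, ODD, R)}")
```

Run as a script, it prints the write reach of each daemon account next to root's, which is the difference between a compromised service owning one file tree and owning the machine.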

  4. Cisco by abigor · · Score: 5, Interesting

    Well, I can tell you right now that a lot of Cisco's engineers use Macs, and server-side it's Linux. That said, I imagine Cisco management, marketing, etc. are mostly Windows-based.

    1. Re:Cisco by ThePhilips · · Score: 5, Insightful

      That resonates with my own reading of the quote: all companies who are on the receiving end of M$' security investments praise the investor.

      And obviously anti-virus companies would tell that Windows is better: without the swiss cheese OS they would be out of job.

      --
      All hope abandon ye who enter here.
  5. Microsoft? by Anonymous Coward · · Score: 5, Funny

    Secure products?

    Crap.... woke up in the wrong universe again.. I hate when that happens.

  6. Focus and Investment by Weaselmancer · · Score: 5, Insightful

    Nice zero content marketingspeak there:

    "...third-party influentials and industry leaders like Cisco tell us regularly that our focus and investment continues to surpass others."

    Focus and investment. Notice "results" aren't on that list.

    As a side note, I'd also like to add that lately BP has had a huge focus and investment on cleaning up oil spills. More so than any other oil company. But still - nobody loves them this week. Wonder why?

    --
    Weaselmancer
    rediculous.
    1. Re:Focus and Investment by grcumb · · Score: 4, Funny

      Nice zero content marketingspeak there:

      "...third-party influentials and industry leaders like Cisco tell us regularly that our focus and investment continues to surpass others."

      Focus and investment. Notice "results" aren't on that list.

      SECURITY ANALYST: WTF? You invest billions and billions of dollars trying to fix your software, and this is the best you can do? Christ on a kebab, man! Do your developers even know how to tie their own shoelaces? What do they do, sit there slack-jawed at their desks all day, watching the grass die on their Farmville plots and pissing their pants because they can't even remember where the toilet is?

      MS MARKETING PERSON: sotto voce Hmmm, billions spent... developers unable to leave desks... Ah!
      [WRITING] "industry leaders tell us regularly that our focus and investment continues to surpass others."

      --
      Crumb's Corollary: Never bring a knife to a bun fight.
  7. Microsoft products are the most secure? by morgan_greywolf · · Score: 3, Insightful

    Microsoft has come a long, long way in security, yes, that's true. But the most secure? No way. Not compared to systems designed around security from the ground up like OpenBSD or a security-hardened Linux distro with SELinux and the like. I really like the progress that Microsoft has made, and Windows 7 is much improved over previous Windows versions, but if I want a system that's truly secure, it's not a system I'm likely to pick.

  8. Hi, I'm a hacker... by thestudio_bob · · Score: 5, Funny

    Hi, I'm a hacker and Windows 7 was my idea.

    --
    The real Sig captains the Northwestern. This one captains /.
  9. Keep saying it and one day it might stick by kaptink · · Score: 4, Insightful

    All I know is that for more than ten years I made good money removing malware from Windows boxes. In all fairness tho Windows 7 is a much better effort at a secure OS but saying that 'hackers' are making such comments is just not all that believable. Any serious geek will tell you the long sordid history of windows and all its memorable virii, malware and hacks is nothing to be proud of but I guess if you start telling people what you want them to think and keep at it one day it will stick. I think a few statistics should set the record straight.

    --
    Those who can, do. Those who cannot, sue.
    1. Re:Keep saying it and one day it might stick by dave562 · · Score: 2, Interesting

      Any serious geek will tell you the long sordid history of windows and all its memorable virii, malware and hacks...

      Where are the equivalent virii in 2010? I remember Code Red and Slammer and the really malicious code that was raping any system stupid enough to expose 135/137 and 445 to the world. I don't remember any malware of that league in recent memory. The worst malware these days seems to be the AntiVirus 2010 and its related ilk. The malware itself is insidious and requires a pave and rebuild "just to be sure". The infection vector is the same old, same old mess of compromised websites and browser exploits. So in that regard Microsoft is getting better. Their software isn't getting owned two minutes after being connected to the internet. Like others have mentioned, they still have a long way to go.

      I will believe that Microsoft has figured out secure software once they properly sandbox their browser and manage to prevent malicious code from breaking out of it to compromise the system. There is not any reason why visiting a webpage, either deliberately or through a redirect, should result in a compromised system.

    2. Re:Keep saying it and one day it might stick by Dynedain · · Score: 5, Insightful

      Where are the equivalent virii in 2010? I remember Code Red and Slammer and the really malicious code that was raping any system stupid enough to expose 135/137 and 445 to the world. I don't remember any malware of that league in recent memory.

      That's because modern spyware is more focused on hijacking your machine to be part of distributed botnets. That means you don't want the user to realize the machine is compromised. As such, vandalism is less prominent in favor of the lucrative enterprise of selling access to the botnets.

      --
      I'm out of my mind right now, but feel free to leave a message.....
    3. Re:Keep saying it and one day it might stick by dave562 · · Score: 3, Interesting

      You are right that the focus has changed. The infection vector has also changed. The old vectors don't work, or if they do the access to them has been mitigated on the client by the software firewall, and on the network perimeter by hardware firewalls. The operating system has been hardened to the point that most of the exploits are targeting applications. That is an improvement. Once they figure out how to properly sandbox the applications, the entire system will become more stable. Whether or not Microsoft is really up to the task is debatable.

  10. Uh huh by starfishsystems · · Score: 5, Interesting

    Right. That's why there's no longer any market for third-party virus checking on the Windows platform.

    And all those idiotic corporate restrictions on email attachments can go, too. That'll be a great relief, because right now I can't even attach a zipfile without Outlook complaining about it.

    And those flashes of screen content that appear when I reconnect to a locked Remote Terminal session, those are just in my imagination. No information exposure there, any more. Good, cause that was really stupid. Wait, I'd better check. Nope, still there.

    And those irritating and needless messages requesting permission after I've launched an Active Directory management window, those are gone too, right? Because now the system has finally caught up to the X Window System technology available back in 1993?

    Oh, no. Actually, I just checked, and it hasn't.

    Wow, Microsoft. I am impressed. You actually drank the kool-aid to prove that it was harmless. Except that it's not.

    --
    Parity: What to do when the weekend comes.
  11. Re:Awwwwwww, crap! by Barny · · Score: 3, Funny

    Damn you, now I sprayed my tea all over my keyboard with the image of Steve doing a ventriloquist act with a puppet of clippy :) (since Bill doesn't work there any more)

    --
    ...
    /me sighs
  12. Vista reinstall by NetNed · · Score: 5, Insightful

    I did a reinstall on a Vista machine recently for a friend. 100+ windows critical updates later and it was done! Really, the install itself took a fraction of the time that all the updates took. I guess if security is measured in security updates, you win Microsoft. Now claim your paper hat that says "We Won!"

  13. Google is the competition.. by naelurec · · Score: 2, Insightful

    Google is Microsoft's #1 competition right? Of course Microsoft wants Google to continue to use Windows.. not using Windows puts Google at an even further advantage.. it's not like Microsoft can drop using Windows for its internal systems.

  14. Focus and investment != results by Todd+Knarr · · Score: 4, Insightful

    Certainly Microsoft's focus and investment surpasses everyone else's. That's because it needs to simply to tread water. The problem is that most of Microsoft's security problems aren't bugs, they're design features of their system.

    There's a quote from a boss: "I don't want the industrious guy who'll keep busy doing things over and over. I want the lazy guy who'll do it once, right, so he doesn't need to keep doing it over."

  15. Re:Both have problems by hedwards · · Score: 4, Insightful

    Hmm, I must've missed MS beating out OpenBSD for security.

  16. Re:Both have problems by dclozier · · Score: 2, Insightful

    I always figured they hacked the prize they valued most and that's why Windows was on the bottom of the list.

  17. Re:Both have problems by bryan1945 · · Score: 2, Interesting

    The latest results I could find were from 2006. Do you have a link to a new competition?

    --
    Vote monkeys into Congress. They are cheaper and more trustworthy.
  18. Microsoft products are the most secure lawnmowers by davecb · · Score: 5, Interesting

    Poor chaps, they can only make a "c2" grade in the old orange-book (U.S. Department of Defense) grading by removing the networking, while a mainline Linux distro hits b1 (courtesy of the CIA).

    --dave

    --
    davecb@spamcop.net
  19. Re:Both have problems by butalearner · · Score: 4, Informative

    I don't like MS, though the truth is that with this last Windows, they are really more secure than other OSes. If you guys pay attention to the hacker championship, the one that gives a prize to the fastest hacker that invades a system, the fastest invasion happens on Mac OS X, then Linux, and Windows last.

    Oh, you mean Pwn2Own? 2010? Nope, Linux not tested. 2009? Nope, not tested. 2008? Can't be, the Sony Vaio running Ubuntu was never cracked.

    Anybody got results from 2007 or earlier? I can't find them.

  20. Re:Both have problems by Kitkoan · · Score: 5, Informative

    I always figured they hacked the prize they valued most and that's why Windows was on the bottom of the list.

    Wrong. They always hacked the Mac because Apple is way easier to hack than Microsoft

    From the linked article:

    This came in via e-mail: Many pundits have made a lot of the fact that the Mac was the first to be exploited in the Pwn2Own contest. Was the choice of the Mac as the first target because the hardware/operating system combo was more desirable as a prize than the commodity Windows laptops of the other competitors? Or was it just because Macintosh exploits occur with much less frequency than Windows exploits and would therefore be more newsworthy?

    So until this year, applications on Apple were way easier to exploit than Windows. This is because Apple had weak ASLR and no DEP while Windows had full ASLR and DEP. This year, Snow Leopard has DEP, so it's no longer trivial to exploit. In fact, I have lots of bugs in Safari that I easily could have exploited on Leopard but will be very difficult on Snow Leopard. So it used to be that it was much worse, but now it's mostly comparable (although still slightly behind)

    And this is from Pwn2Own 2010.

    --
    Attention... all grammer nazi"s! Is they're anything; wrong with: my post,
  21. Shut up, Microsoft, just shut up. by bmo · · Score: 3, Insightful

    When you finally get rid of "hurr, this file is a program because it ends in .exe" and stripping executability from incoming files, then maybe you can start talking about security with the grown-ups.

    But until then, go back to the kiddie-table with CP/M.

    --
    BMO

  22. Re:Both have problems by chrono13 · · Score: 2, Informative

    Exactly which hacker championship are you referring to? Pwn2Own, the contest where they win the machine and $10,000? If so, you will want to look at the results again. Mac and Windows have consistently fallen, while Linux has remained the only OS standing.

    --
    You have been eaten by a Hurd of GNU.
  23. Absolute vs. Relative. by GNUALMAFUERTE · · Score: 4, Interesting

    When we speak about GNU/Linux functionality, nobody takes relative values into account. They only take into account the absolute final result. For example, nobody takes into account the great hardware compatibility considering 99% of all drivers were written by the community after reverse engineering the hardware and/or other OSes' privative drivers. People (including Microsoft) only mention that GNU/Linux doesn't support all features of X hardware, and Windows does, and therefore it's better.
    Same thing for apps, marketshare, etc. They only say "More people have Windows, it supports more apps, whatever, period."

    So, why should we take into account relative values when talking about Windows?

    I don't care if they are trying hard, or if they have more marketshare, or about any other factor. The ONLY operating system that requires antivirus, antispyware, and other crap is Windows. It is also the only operating system that is consistently, publicly and massively cracked around the world all the time. There are several botnets around the net that are the source of most spam, and these botnets consist of Windows machines only.

    So, in absolute terms, the most secure OS is OpenBSD. The most insecure is Windows.

    --
    WTF am I doing replying to an AC at 5 A.M on a Friday night?
    1. Re:Absolute vs. Relative. by Shados · · Score: 2, Insightful

      Except you don't need antivirus/antispyware on Windows. The only people who need it are those who disable the security features right after a fresh install, and people leaning heavily toward illegal activities. Since Vista you really didn't need it.

      You'll see how quickly a Linux box gets owned if I send grandma 100 free smilies with instructions about how to set exec permissions and how to sudo (similar to what you need to do to get "pwned" by an attachment in a default Win7 install).

      10 years without anti-virus and anti-spyware with bi-yearly scan just to be sure I'm not crackpot, and no virus so far, and I'm not even careful...

      But you'll say: "people get owned all the time on Windows!". Yeah, because when you set up Grandma's Linux box, you actually set it up for her, not just hit next next next finish and give her the admin password. I set up the Windows boxes for my family (in roughly the same amount of time I spend setting up Linux boxes), and they don't get viruses either :)

      Main difference: Linux users use legitimate software, Windows users don't (even when the OSS equivalents exist for Windows) and pay the price.

  24. Re:Both have problems by Jaysyn · · Score: 3, Insightful

    Here is a little hint for you. The dangerous hackers, the ones that are actually committing crimes in the wild, don't go to hacker competitions.

    --
    There is a war going on for your mind.
  25. Oh please by Tanman · · Score: 2, Insightful

    I'm sure that if you install Linux from a distro that's 2-3 years old that updating all of that goes really quickly and smoothly.

  26. Re:Both have problems by shutdown+-p+now · · Score: 3, Informative

    No, they aren't granted physical access. But they are allowed to set up a web server serving arbitrary content, for example, and then direct the person (who isn't one of them) using the laptop to open a URL on that website in the browser. I.e. it does not require the user to be entirely passive.

  27. Re:Both have problems by Runaway1956 · · Score: 4, Insightful

    No, now that you mention it - I know about 3000 kids using Windows, and one kid using OpenBSD. And, now that I think about it, at least 2500 Windows users have nuked and reinstalled multiple times. That nerdy little BSD kid just keeps on going, and going, and going, and going. I think maybe she's getting some of the Energizer Bunny.

    --
    "Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br
  28. Ford and Microsoft by nacturation · · Score: 3, Funny

    I love the weasel words that come out in these kinds of discussions. "Most" - what is "most"? One competitor? (Maybe, Apple?).

    This reminds me of that Ford commercial I saw a month or two ago, where some dude is talking about how Ford won some kind of "most improved" award. That's like a retarded child who goes from flunking everything to getting straight C- grades ... relatively speaking, that's a far greater improvement than the straight A student who starts getting a few A+ grades.

    Nobody cares that Microsoft's "focus and investment continues to surpass others". When Microsoft's boat has thousands of holes in it and is sinking faster than the Titanic, is it anything to boast about that you have a great investment in a massive number of people highly focused on sticking their fingers in the holes? Compare that to Apple's boat, where they only have a modest investment because there are only a few holes.

    --
    Want to improve your Karma? Instead of "Post Anonymously", try the "Post Humously" option.
    1. Re:Ford and Microsoft by kimvette · · Score: 2

      is it anything to boast about that you have a great investment in a massive number of people highly focused on sticking their fingers in the holes? Compare that to Apple's boat, where they only have a modest investment because there are only a few holes.

      That's because they've already patched the gaping holes with the arms and legs of early iPhone and iPad adopters!

      --
      The Christian Right is Neither (Christian nor right). See: Matthew 23, Matthew 25, Ezekiel 16:48-50
  29. Re:OpenBSD Security is a Myth... by sortius_nod · · Score: 3, Informative

    First line of the blog.

    Firstly, I would like to apologize for, and clarify the title of this article. I wanted to use a title which would hold attention and encourage discussion while remaining true to the argument I make. I certainly don’t mean to imply that OpenBSD is a horribly insecure operating system – it isn’t.

  30. Re:Both have problems by sortius_nod · · Score: 2, Insightful

    In a corporate environment this can happen. It's quite easy to get some tradesman's clothes and pretend you're there to service a computer. You might want to read The Art of Deception by Kevin Mitnick.

  31. The Age Of Doublespeak by zunipus · · Score: 2

    AKA 'Newspeak' by George Orwell. Black is white. Hate is love. War is peace. Windows is secure.

    It's about time the world got off the MS arsenic. Bravo Google. I wish the US federal government would follow your example so we don't get pwned by the Red Chinese hackers (the Red Hacker Alliance) every other week.

    I keep track of Mac security over at:

    http://mac-security.blogspot.com/

  32. Re:iPad by mlts · · Score: 3, Insightful

    A closed device could make life much worse for privacy. How does one know that history and cookies are actually deleted, as opposed to saved off to a protected area? And of course, there are items like Flash/Java shared objects that are normally not deleted and on a closed system, there likely is no way a user can delete those. And there is always the ability to have an undocumented add-on which reports a unique ID to any Web server that asks for it.

    Privacy on normal computers is an uphill battle, but at least if worst comes to worst, you can run your Web browser in a VM, or on Macs, do your web browsing as guest and log out periodically so all files are deleted. If a platform is closed, where one has to trust the Web browser to guard privacy, does it really do so? Cookies are not the only way to uniquely identify a machine.

    I can see in the future this becoming a tool for "law enforcement" -- because most devices that are closed are tied by some sort of unique ID to some central place, it wouldn't be hard to push an update to a device to upload those "deleted" cookies and other data. The end user wouldn't know, and if he or she did, there would be nothing they could do other than trash the device. Or push a program out on a mass scale to look for certain items (say a MP3 file that was leaked), confirm it was on a number of devices, then file a large amount of lawsuits.

  33. Re:Both have problems by symbolset · · Score: 5, Funny

    So what you're saying is that for the last two years Pwn2Own has been some sort of security Special Olympics? That's actually very interesting.

    Did they ever have a BSD?

    --
    Help stamp out iliturcy.
  34. Re:Both have problems by drsmithy · · Score: 2, Insightful

    Hmm, I must've missed MS beating out OpenBSD for security.

    It's easy to be secure when you don't do anything.

  35. Re:Both have problems by drsmithy · · Score: 2, Insightful

    Am I to gather from this that the hackers are granted access to the machines? That isn't very realistic...

    It's absolutely realistic. The vast majority of users are more than happy to do whatever it takes to see the dancing bunnies.

  36. Re:Both have problems by JonJ · · Score: 3, Funny

    That nerdy little BSD kid just keeps on going, and going, and going, and going. I think maybe she's getting some of the Energizer Bunny.

    Okay, I'm calling your bullshit.

    --
    -- Linux user #369862
  37. Re:Both have problems by TheRaven64 · · Score: 4, Informative

    If you compile your own code on OpenBSD you still get:
    • Linker warnings if you use any unsafe string functions.
    • Stack protection by default, protecting you from stack-smashing attacks.
    • W^X protection (even on x86 with no page-level NX bit), protecting you from many categories of arbitrary-code execution attacks.
    • Address space randomisation, protecting you from return-to-libc attacks.
    • Guard pages around large heap allocations, protecting you from a lot of heap buffer overflows.

    All of these work without any user intervention, by default, on all running programs. Part of the OpenBSD developers' philosophy is that all code is buggy, and the system should do everything that it can to minimise the security impact of running buggy code.

    Another part is that no one uses optional security measures. Windows NT has had fine-grained ACLs on all kernel objects from the start, yet people tend to leave Windows permissions wide open because they're hard. Even now, Fedora and Ubuntu documentation often says 'disable SELinux' for various things to work. It doesn't matter how secure SELinux or UAC is, if the end user disables it.

    --
    I am TheRaven on Soylent News
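
The guard-page idea from the last bullet of the comment above, as an added example that is not part of the post and is not OpenBSD's allocator code. It uses POSIX `mmap`/`mprotect` on a Linux or BSD system; `guarded_alloc` and `write_in_child` are hypothetical names, and the buffer sizes are constructed.

```c
#define _DEFAULT_SOURCE 1          /* exposes MAP_ANONYMOUS under strict -std */
#include <signal.h>
#include <stdio.h>
#include <sys/mman.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical helper. Layout: [guard][len bytes, right-aligned][guard]. */
static void *guarded_alloc(size_t len)
{
    size_t page = (size_t)sysconf(_SC_PAGESIZE);
    size_t data = (len + page - 1) / page * page;    /* round up to pages */
    unsigned char *base = mmap(NULL, data + 2 * page, PROT_NONE,
                               MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (base == MAP_FAILED)
        return NULL;
    if (mprotect(base + page, data, PROT_READ | PROT_WRITE) != 0) {
        munmap(base, data + 2 * page);
        return NULL;
    }
    /* Right-align so buf[len] is the first byte of the trailing guard. */
    return base + page + data - len;
}

/* Child writes count bytes into a len-byte buffer; returns its fatal signal. */
static int write_in_child(size_t len, size_t count)
{
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        volatile unsigned char *buf = guarded_alloc(len);
        if (buf == NULL)
            _exit(2);
        for (size_t i = 0; i < count; i++)
            buf[i] = 'A';            /* the write at i == len hits the guard */
        _exit(0);
    }
    int status = 0;
    if (waitpid(pid, &status, 0) < 0)
        return -1;
    return WIFSIGNALED(status) ? WTERMSIG(status) : (WEXITSTATUS(status) ? -1 : 0);
}

int main(void)
{
    printf("ok=%d over=%d\n", write_in_child(64, 64), write_in_child(64, 65));
    return 0;
}
```

An in-bounds write exits cleanly, while a one-byte overflow kills the child with a fault at the faulting instruction instead of silently corrupting a neighbouring allocation.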