Windows 8 Defeats 85% of Malware Detected In the Past 6 Months
An anonymous reader writes "Now that Windows 8 is on sale and has already been purchased by millions, expect very close scrutiny of Microsoft's latest and greatest security features. 0-day vulnerabilities are already being claimed, but what about the malware that's already out there? When tested against the top threats, Windows 8 is immune to 85 percent of them, and gets infected by 15 percent, according to tests run by BitDefender."
Did any of the malware get past whatever new copy of Windows Security Essentials they cooked up especially for Win 8?
My first Journal Entry ever, in 8 years! http://slashdot.org/journal/365947/aphelion-scifi-fantasy-horror-poetry-webzine
... to those other similarly received OSs, Windows ME and Vista?
RGdot.com
The reason being it is an AV maker releasing it. They have reason to want to say "Oh the built in AV scanner sucks, you should buy ours!" They may be stacking the results.
AV Comparatives puts MS Security Essentials at about 95% in their latest test, not 85%. Bitdefender is 99.2%.
However one reason for that is false positive rate. MS is willing to trade off some detection to keep it low, because users get pissed off and want to get rid of scanners with lots of false positives. MSE had 0 false positives, BitDefender had 10.
None of this is to say getting a better virus scanner isn't a good idea, just take anything from a company selling a product in an area with a grain of salt. AV Comparatives seems to indicate that while MSE is certainly not one of the best virus scanners, it isn't bad.
Linux is not 100% secure. Linux is very secure, and is certainly more secure than Microsoft's OSes, but vulnerabilities are discovered all of the time. The biggest distinction is that since Linux is openly developed with the potential for anyone to contribute and for everyone to see, there aren't large, untested milestone releases without public eyes on them like commercial OSes. By the time that the experimental version becomes the release version it's already been vetted. Microsoft doesn't have the same quantity of testing because while there is a beta program, it's not designed to be thoroughly examined.
Do not look into laser with remaining eye.
Since Windows 8 repurposed Microsoft Security Essentials as its new Windows Defender, which is built-in to the operating system, would these statistics hold true for Security Essentials on all systems, or are they unique to Windows 8?
Or is BitDefender just trying to stir up some business?
Security through obscurity only works until someone tries to break it.
Troll is not a replacement for I disagree.
More like Linux still doesn't have the market share to warrant spending significant time developing malware for it.
Why, not a single malware application can be installed on a banana! They too are immune.
Therefore bananas are now the most secure OS
Reacting is always easy, that's why malware is so efficient. There are AV kits out there that detect 98+ percent of the current malware. Problem is not the malware we know about already, the problem is new malware that infects before patches can be applied and AV signatures can be updated.
OF COURSE a new system is more resilient against current malware. By the very nature that a lot of exploits simply don't work anymore because, well, different codebase, different handling of various things malware relies on. By that logic, MacOS is even superior to Win8 because zero malware for Win7 can infect MacOS.
The more interesting question is why 15% (one in seven) malware threats still work on Win8.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
Actually, when it comes to out-of-the-box security as well as the possibilities offered to knowledgeable admins, Linux isn't really far away from Windows. Both have, from the point of view of a security expert, horrible out-of-the-box security and can be sealed tightly by the hands of good admins.
The main reason why there is less malware for Linux is simply that malware is a business: It's the same reason why there is also less other commercial software for Linux.
Run those same tests/malware against Linux/Mac. 0% gets through.
really? do you think that malware written to take advantage of exploits in the windows OS won't work on linux? thanks for that revelation. linux wins again.
Soooo the new operating system, which was just released and hasn't yet been targeted by malware writers doesn't get infected by a lot of malware? Of course it doesn't. Windows 8 has around 1% or less of the market, almost no one is writing exploits for it yet.
Run those same tests/malware against Linux/Mac. 0% gets through.
Oh, you so smart! OF COURSE malware designed for Windows won't run on non-Windows! That's like copying bash from your Linux-installation to your Windows-installation and complaining how F/OSS software sucks because it doesn't run.
The malware will work if you run Wine.
How does an updated version Windows 7 with Microsoft Security Essentials compare? That information might make this article meaningful.
Run those same tests/malware against Linux/Mac. 0% gets through.
really? do you think that malware written to take advantage of exploits in the windows OS won't work on linux? thanks for that revelation. linux wins again.
You never know, Perhaps if WINE is running a Linux host could be at risk... (Not that I know of any viruses that could infect a Linux computer running WINE, except for one case where user intervention is required, but there is a first time for everything.)
Any insufficiently advanced magic is indistinguishable from technology.
More like Linux still doesn't have the market share to warrant spending significant time developing malware for it.
Neither does Windows 8.
Quite an experience to live in fear, isn't it? That's what it is to be a slave.
More devices run Linux than Windows. How big of a target do you need?
That's interesting, the original security press release is quite negative - "Newly launched Window 8 is prone to infection by some 15 per cent of the 100 malware families most used by cyber criminals this year, even with Windows Defender activated, Bitdefender testing revealed." but somehow that's become a positive "Windows 8 protected from 85% of malware detected in the past six months, right out the box"
The original point is that Windows Defender can't detect 15% of this year's most popular malware, that's not exactly great for an AV program, or maybe Bitdefender has just written a shill piece with a hand picked sample of unusual malware that trip most AV programs up to flog their own AV solutions?
At any rate the figures are useless because they didn't compare it to a fully patched Windows 7 system or alternative AV programs, why did this even make the homepage?
Bitdefender sells security products. Can we get a number from somebody a little less biased, or perhaps somebody biased against Microsoft? How about a consulting firm with a good reputation that prefers Linux, but grudgingly supports MS because they have to? Anyway, Bitdefender has an incentive for you to think Win8 is insecure. How are they defining malware? Stuff that says, "to install, please enter admin password"? If 15% of the "malware" comes with those instructions, it'll infect anything.
The malware will work if you run Wine.
I actually have tried that. A lot of the malware that runs fine on Windows crashed or just didn't work properly under Wine. Does that mean Wine is broken, or that the devs haven't broken it enough yet? I can't decide!
Right...
Linux runs on more computers than Windows worldwide.
You know, all those servers, phones, appliances and clouds that make up the Internet? Those.
It may not be on most desktops but it's on everything else and it far outnumbers Windows.
It's not more secure because it's more obscure, it's more secure because it's better.
I don't know the meaning of the word 'don't' - J
so what do the numbers mean? that there are a bunch of 0-days out there that they know but haven't bothered to report or fix in the last 6 months? so the stuff silently installs and does naughty things while you surf your daily dose of naked chicks? or if you download the exe, run it as admin and see what happens, then 15% of the time it works?
The overwhelming number of Linux servers worldwide are behind firewalls and will rarely ever attempt to reach out blindly to the internet. There aren't nearly as many attack vectors to exploit. It's far easier to find some bad PHP code to exploit, or an unpatched version of Apache than it is to attack it using traditional methods that might work on a user machine.
The best antivirus is a smart user.
Most malware on Windows gets dumped into %APPDATA% because it can't go anywhere else without raising a red flag. This makes it fairly easy to nuke. The same works for Linux.
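Added example, not part of the comment above or of the original thread: a triage sweep built on the claim that Windows malware tends to land under %APPDATA%. It lists every file in a profile tree that carries a PE header, whatever its extension; the function names and the sample tree are constructed for illustration.

```python
import os
import struct
import tempfile
from pathlib import Path


def is_pe(path):
    """True if the file has an MZ header whose e_lfanew points at 'PE\\0\\0'."""
    try:
        with open(path, "rb") as fh:
            head = fh.read(0x40)
            if len(head) < 0x40 or head[:2] != b"MZ":
                return False
            # e_lfanew (offset 0x3C) holds the file offset of the PE signature.
            (e_lfanew,) = struct.unpack_from("<I", head, 0x3C)
            fh.seek(e_lfanew)
            return fh.read(4) == b"PE\x00\x00"
    except OSError:
        return False  # locked or unreadable file: skip it, keep sweeping


def find_pe_files(root):
    """Walk root and return sorted relative paths of files that look like PE images."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = Path(dirpath) / name
            if is_pe(full):
                hits.append(full.relative_to(root).as_posix())
    return sorted(hits)


def build_sample_tree(root):
    """Constructed sample data: header stubs only, none of these files can execute."""
    root = Path(root)
    # 0x3C bytes of DOS header, e_lfanew = 0x40, then the PE signature at 0x40.
    stub = b"MZ" + b"\x00" * 0x3A + struct.pack("<I", 0x40) + b"PE\x00\x00" + b"\x00" * 20
    samples = {
        "Roaming/updater/svch0st.exe": stub,            # executable by name and content
        "Local/Temp/invoice.pdf": stub,                 # PE content behind a document extension
        "Roaming/notes/readme.txt": b"plain text\n",    # ordinary data file
        "Roaming/app/settings.dat": b"MZ",              # starts with MZ but is too short
        "Roaming/app/mzdata.bin": b"MZ" + b"\xff" * 0x3E,  # MZ with a bogus e_lfanew
    }
    for rel, data in samples.items():
        target = root / rel
        target.parent.mkdir(parents=True, exist_ok=True)
        target.write_bytes(data)


if __name__ == "__main__":
    appdata = os.environ.get("APPDATA")
    if appdata:
        # On Windows, sweep the real roaming profile directory.
        for hit in find_pe_files(appdata):
            print(hit)
    else:
        # Elsewhere, demonstrate on the constructed tree.
        with tempfile.TemporaryDirectory() as tmp:
            build_sample_tree(tmp)
            for hit in find_pe_files(tmp):
                print(hit)
```

Legitimate per-user installers also place executables under the profile, so each hit is a lead to review against signer and install history, not a verdict.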
I copied bash to my Win8 boxen, ran
# rm -rf /
and now Win8 doesn't boot.
Thanks for the perfect solution.
cheers,
More devices run Linux than Windows. How big of a target do you need?
Ah yes. But which Linux? There is, what, 20+ major distributions and dozens or hundreds of minor ones? Even calling all of them a single OS is almost a stretch, given that some of them have almost nothing in common with each other. That's not one target, it's a few dozen. And it's hacked all the time, just rarely using automated malware tools (because, again, those aren't terribly effective against heavily fragmented targets).
"None can love freedom heartily, but good men; the rest love not freedom, but license." --John Milton
It's like I'm really back in 2003! Thanks AC troll.
I keep wondering. Software keeps getting better because computers get faster and labor gets cheaper. If you throw enough resources at it it gets done. But most of us entry level techs make our daily bread fixin' up this stuff. It's another symptom of increased productivity. Things get better and better so there's less work to do. But if there's less work there's less jobs, and our whole society is built on Jobs. People can't stand the thought of someone getting paid and not working for it. Jesus, what would we do with replicators?
Hi! I make Firefox Plug-ins. Check 'em out @ https://addons.mozilla.org/en-US/firefox/addon/youtube-mp3-podcaster/
The biggest distinction is that since Linux is openly developed with the potential for anyone to contribute and for everyone to see, there aren't large, untested milestone releases without public eyes on them like commercial OSes. By the time that the experimental version becomes the release version it's already been vetted.
If that theory is true then you would expect to see fewer vulnerabilities for Linux than for Windows. In reality, over a given time period Linux experiences many more vulnerabilities than Windows.
Windows Vista: Until now 377 vulnerabilities has been discovered.
Linux kernel 2.6: Until now 633 vulnerabilities has been discovered.
Note that the number for Vista includes the bundled software as well (i.e. data access components, window manager (GDI, explorer), windows Mail etc) where the number for Linux is strictly kernel vulnerabilities.
Microsoft doesn't have the same quantity of testing because while there is a beta program, it's not designed to be thoroughly examined.
Ahem. Microsoft has this process called Secure Development Lifecycle. They do not rely on users to test and find security bugs. What is the process followed by Linux developers (kernel, KDE, GNOME)? Is there a formal process or do we simply rely on them to be good craftsmen? Surely they do not rely on beta testers to find security vulnerabilities?
Rephrase the headline - Windows 8 allows 15% of previously-known malware to infect systems.
This space available.
"The overwhelming number of Linux servers worldwide are behind firewalls"
Sure. On the other hand there are no small number of firewalls running Linux.
"openly developed with the potential for anyone to contribute and for everyone to see"
I am continually amazed that people think just because they have the source code to an OS they can just scan the code and locate security holes. The low hanging fruit is long gone in today's popular OS's. OS security holes and weaknesses are found by combining and testing multiple executable decision trees with varying environmental factors and then analyzing the captured results which usually includes sorting through binary output, assembler output, and real time memory mapping looking for anomalies. Finding OS level security holes also requires an in-depth knowledge of the various CPU processor instruction sets, memory allocation models, and memory manipulation. Too many developers equate OS development with Application development when in reality they are almost entirely different animals requiring radically differing skill sets.
I must nominate flash. Java next. Avoid those and you have a better chance. Add common sense and your odds are improved. Toss in firefox with noscript, and adblock, and you should be in good shape. At that point, it will not really matter if you get rooted, you should be able to re-install/recover your non-NONFREE OS quickly. Basically you really only need to worry about DPI and BIOS/UEFI based rootkits/backdoors. If you are still concerned, then pull the plug and get off the net.
You are being MICROattacked, from various angles, in a SOFT manner.
That's OK, it's 15% backwards compatible.
Blank until
Linux contributes bash and windows contributes malware. Good to know.
But they don't affect all platforms equally. Privilege escalation is a very different ballgame on a linux box than on a windows box.
Linux has input from a lot of less than able coders. The problem with security is that only one mistake has to slip through then you're screwed.
If current malware won't even run on windows 8, are my regular applications going to fare even better?
I haven't read TFA, or the summary, but the headline tells me that Windows 8 has some _serious_ compatibility problems!
"The world has moved to iMoble devices which are mostly locked down."
If you think mobile devices are safely locked down you live in a dream world.
Ok that's pretty good for a brand new state of the art operating system. Remind me again what the fucking definition of progress is?
These horrible pieces of spy/mal/adware that install from CNet need to be detected. I have not found a program that does so.
Windows 8 now ranks in the same odds as having "Safe Sex" with an HIV positive individual. Thanks Microsoft.
Ok dude... I bet Linux defeats MUCH more malware than this. An entire class of malware is made irrelevant by Linux... But then, if found on Linux, it is infinitely easier to get rid of on Linux than on windows. So, please, stop with inane crap.
it does if you include servers and phones
This is a joke. I am joking. Joke joke joke.
Some malware intentionally exits under Wine and other virtualized environments in order to evade detection. Security companies collect large numbers of executable samples and execute them in a sandbox environment, which is sometimes Wine-like or a more complete VM. By exiting harmlessly, the malware appears to be as safe as notepad.exe.
I don't know if you've heard, but Linux/Android PC's are moving 1.5 million units per day, with a half-billion unit installed base. At the current rate of growth Linux PCs will exceed Earth's human population in Q3 2014.
Help stamp out iliturcy.
Typical Microsoft propaganda here.
You're comparing vulnerabilities found by external forces with totally no insight into the inner workings of an OS to all the vulnerabilities that are found by both external forces and people with intimate knowledge and years of experience in good coding for said system. For a good comparison, you would need to open source Windows and compare the leaks found both internally and externally at Microsoft and I'm not even talking about the methodology of your picking of statistics.
And you're right, MS doesn't rely on users to find bugs, as a matter of fact, trying to submit a bug and proper insight into the bug database at Microsoft is nearly impossible while Linux has (once again) an open system that everyone can use. This only speaks to the problem that Microsoft is having. As a company/team you can only test against a handful of systems usually in an automated fashion and concentrated on regression/unit tests. Your customers who actually use the software will have plenty of use cases that you can't anticipate.
I work in a highly specialized environment myself, using Linux/Mac is a no brainer because of the high flexibility in getting to do the hardware what you actually want while with Windows you're practically running into a wall at every turn because of the layers of crud that have assembled over the years.
Custom electronics and digital signage for your business: www.evcircuits.com
So you're saying that fragmentation is an Android advantage.
I am continually amazed that people think just because they have the source code to an OS they can just scan the code and locate security holes.
How come you're amazed by things that happen all the time? Most security holes in the Linux stack are found by people who were going over the code for their own reasons, and most of those bugs never even reach an exploit stage.
But all that reduces to a tiny set of ways to get code executed, roughly:
array out-of-bounds writes, pointer confusion, writing somewhere (ram, disk) that's executable
The solution is peer review. Its enemies: major releases & closed development.
Science & open-source build trust from peer review. Learn systems you can trust.
It's amazing that some people insist that we can't do something which we do all the time. Look at the CVEs man, we find and fix weaknesses all the time. If you did look at the CVEs, you'd find my name. That's pretty solid proof that you're mistaken - I can find vulnerabilities because I do find vulnerabilities. When it comes to Windows, I don't know Windows. I haven't used Windows in fifteen years. When people ask me to work on their computer, I turn away all Windows work except "I forgot my password." I can't USE Windows, but I can sure CRACK Windows.
Sorry, that sounded silly back in 1996 and it's fucking stupid now. Your TV probably runs linux and connects to the internet these days, most likely via a linux wifi access point or router. The "market share" is enormous.
In the last couple versions of Windows, MS has been trying to implement something like the old (pre SELinux) *nix security model. This after having removed it. Why? Because they had removed the security, for good reason, and the *nix model is a good one. In the old days, there were network operating systems. Many users had terminals to one computer, which protected one user's work from other users' mistakes or malice. It was designed for security and it was Unix. It was also huge and EXPENSIVE. One day a guy wanted an OS to fit on a 512k floppy disk and run with 128k RAM so people could afford computers at home. Single home computers, not corporate networks. To make Disk Operating System fit on a floppy, he removed stuff DOS didn't need, like security. (No network meant few threats.) A GUI was added. Backwards compatibility was maintained with the "no security needed" DOS. Then the internet happened, and Bill crapped his pants. Since then, MS has been trying to design security back in, while maintaining backward compatibility. DOS programs still run on Vista, without running into problems with new security added since Disk Operating System. Linux has always been a network OS, never a disk OS, and has therefore never removed the security model.
It doesn't take a rocket scientist to figure out which OS will have an order of magnitude more market share than the other in 6-12 months...
Somebody writes as if it's ok to be vulnerable to 15% of the malware on the internet. That's roughly the same as being vulnerable to 100%. Let me try to get this straight... 15% is the new 0%?
When all you have is a hammer, every problem starts to look like a thumb.
In most cases, it's *potential* Linux exploits found by those looking at the code, vs actual Windows exploits seen in the field I would guess.
It seems that Microsoft has the same problem, and far fewer eyes on the code.
likewise for the number of viruses infecting it :)
my desktop is full of bomb icons so that it is very risky for a virus to infect it without tripping over one of the bombs and stubbing its toe
only windows is fragmented... thats why they made defrag
imagine a virus infecting tvs, set top boxes, pvrs, etc all running a linux kernel... it would be like synapse from the film "antitrust"
Most malware on Windows gets dumped into %APPDATA% because it can't go anywhere else without raising a red flag
gosh i don't even need to worry about windows viruses any more... *opens interesting looking attachment in email from unknown*
not only is secunia a microsoft partner (so not really what you would call an objective source), but there will always be more bugs and vulnerabilities for a project that is more actively developed... not knowing about windows vulnerabilities doesn't mean they don't exist... better the devil you know
Ironic, isn't it? Locking the system down in the name of security kept everything out except what people want kept out. What a waste of a garden wall.....it's not for security.
"First they came for the slanderers and i said nothing."
Secunia joins Microsoft System Center Alliance program
http://secunia.com/company/blog_news/news/196/
Ok, and now for the desktop where the average clueless user is a much easier target than the average corporation admin.
Linux is still used predominantly by clued users and/or administrators who (usually) know what they're doing. The amount of clueless computer users who also have the root password is fairly low. And the average user with a clue doesn't click everything sent to him, the average admin cannot because he can't check his mail on the server (at least if security did their job).
And hence the market for malware is rather tiny.
meaningless to me ... what's 7's score? how about XP sp3 not ran by a retard and or parent? or even... that's not impressive compared to linux invulnerability to malware.
how about this, you have a 15% chance of being a victim of a crime ...
Have you tried opening a big file in notepad? It is not all that safe.
...
I had some guy that downloaded something that pretended to be a dodgy PDF encryption cracking tool but was really a virus, and he infected Win4lin with it. Hilarious, the thing tried to fuck with bits of the system that did not exist. It took seconds to fix since all I had to do was rename an older Win4lin image on that PC. I think that was in 2004. I've seen nothing like that since.
No, the "open source" myth is not true. See e.g. http://www.debian.org/security/2012/
I'd bet that more holes are created than fixed, per day.
Jane, you ignorant slut!
Which versions of Linux? Are you saying one binary can attack all of them? No. You are not. Windows has decades of backwards compatibility to deal with. Don't try and compare phones with desktops. Calling bs on that bs out of the gate.
That's great. Looks like its security is more active than Windows 7.
What red flag? You mean the "Do you really want to do this? Yes/No" message? You know, the one that everyone is going to look at and say, "well fucking duh, yes I want to do this, or I wouldn't have told you to do it anyway," just like in the old DOS/Win9x days of "Yes/No/Retry/Fail"? Why no, Windows, I actually want the process to fail, and I don't actually want to install that program...
Much better, MS, but you will be hard pressed to find a UNIX derivative being able to run 15% of malware out there. Much better, and a definite improvement, but nothing compared to true security. I wonder how this could be spun into something positive, unless you are comparing it to previous versions of MS only.
It's not more secure because it's more obscure, it's more secure because it's better.
Yes and no. What versions of Linux are those machines running? What versions of Apache, MySQL, PHP are they running? Very few Linux installs have common attack vectors.
- The vast majority of common attack vectors on Windows require user interaction. The vast majority of your Linux installs have no users.
- The next big group of common attack vectors on Windows require popular end user software (Acrobat, flash, IE, etc). The vast majority of Linux installs don't have those.
There are many documented cases of attacks on Apache, but again there are many different versions of Apache in common use, and MANY of your Linux installs lack Apache anyway.
Linux benefits greatly from obscurity since there's no extremely popular attack vectors that can be leveraged on an insanely large number of systems, and in those cases where such vectors exist they are often exploited.
Not enough to make it news-worthy. Which is more than can be said of any Windows release during its lifespan.
Uh, isn't the actual news the other way around?
The most current version of the OS still is vulnerable to 15% of known threats? That's a pretty damning track record if you ask me.
It means that a billion dollar corporation that put security high on its agenda for several years now still can't create something that is secure against well-known attacks, and can't keep up with patches and let's not even talk about pro-active security.
True, there is no such thing as 100% security. Even OpenBSD has had its 0-days. But we're not talking about 0-days here, we are talking about known threats that have been out there for months.
Assorted stuff I do sometimes: Lemuria.org
Windows 8 is not "immune" to 85% of malware any more than Linux is... The malware was simply never written for windows 8 and is subsequently incompatible with it. Once malware is specifically written to target windows 8 the situation will change.
Windows 7 also suffered very low malware infection rates when it was first released, it just took a little while for new malware to be written and for it to propagate.
http://spamdecoy.net - free throwaway anonymous email - avoid spam!
Only on desktops, which aren't very attractive targets anyway.
On servers, supercomputers and embedded devices linux has plenty of marketshare and there are lots of people targeting it.
A significant portion of those firewalls themselves are actually running linux you know...
You just need The Universal Operating System.
http://www.google.com/search?q=The%20Universal%20Operating%20System
Dilbert RSS feed
That's a bit of a false distinction.
All bugs are found by *someone* doing *something* (obviously). That something is either running some software, or developing some software. The big difference between the world of Linux/FOSS and Windows/proprietary software is: is the dirty laundry aired in public, or in private?
In the world of Linux, if a developer (either application or kernel) discovers a bug, it ends up on publicly-accessible mailing lists etc. If a Windows developer finds a bug, the only people who will hear about it are other Microsoft employees. If a Linux user submits a bug report, it goes on a public-facing bug tracker. If a Windows user submits a bug report, it disappears into the corridors of Redmond and will be fixed in an anonymous Windows Update patch (if at all).
So you can count pretty much every Linux bug and vulnerability accurately, whereas Windows bugs generally don't go public.
Win 8 + BitDefender still being infected by 15% of malware is HORRIBLE.
And typically takes requests for files and serves them. That has to be done fast, but it's not really that hard. Web servers and routers aren't quite up to the same par as a general-purpose desktop machine designed for ordinary people who don't even know the difference between a virus and a trojan.
Realistically, most security is at the application level these days. You don't need root access to steal peoples' information. Just look at how much havoc you can cause by hitting a web browser with one clever block of JavaScript.
The main reason why there is less malware for Linux is simply that malware is a business: It's the same reason why there is also less other commercial software for Linux.
Hmmm. Let me ask you some questions in response.
How many web servers are powered by Linux nowadays? (A: a large percentage of the market)
What would be the business value of p0wning a web server to distribute your malware? (A: priceless)
Linux is everywhere. Desktop Linux not so much. So you're right that there will be less trojans for Desktop Linux, because the target is smaller and its users more vigilant.
At the same time there should be proportionally more worms and rootkits that target Linux servers and appliances, but that doesn't seem to be the case.
What red flag?
Windows has Windows Resource Protection (WRP). Unlike Linux/Unix, even if you run as an administrator (equivalent to root) you *do not* have permission to change operating system files. Only the TrustedInstaller account can change those files. Furthermore, the files are designated system integrity level, raising another barrier. Even if a malicious process succeeds in fooling a user into elevating to high integrity level with administrator privileges, it cannot change those files. WRP also performs integrity checks upon system start. If any files have been tampered with they are restored from an encrypted cache before they are accessed. Is it guaranteed security? No - but it is pretty good protection and it is unlike anything you'll find in Linux/Unix where root access == pwned.
Windows has Kernel Patch Protection (KPP). KPP encrypts and checksums certain OS tables of the running operating system to prevent tampering by rogue processes which somehow have gained kernel access (e.g. through a vulnerable driver). A rogue kernel process will attempt to patch itself in so that it may intercept disk accesses, network access etc. If KPP determines tampering it will halt the system. Is it guaranteed security? No - but it is unlike anything you'll find in Linux/Unix.
Windows has a kernel mode signing policy which requires all software (drivers and more) which are to be loaded in kernel space to be digitally signed. If they are not signed they cannot be loaded. If a driver has been tampered with, the signature will be invalid and the kernel will refuse to load it. Ubuntu and Fedora now do have some signing protection, but they are incomplete in comparison, e.g. they only protect executable modules, not configuration files.
Windows 8 introduced secure boot. The Windows 8 boot loader is signed with a key known to the UEFI bios. The boot loader will in turn check the integrity of the OS and configuration (using digital signatures) before it proceeds. This closes the vector where a bootkit takes control of the system and boots the OS in a virtualized environment through which it can patch the OS after boot.
Reading slashdot one-liner: (irm http://rss.slashdot.org/Slashdot/slashdot).rdf.item | fl title,desc*
Also Linux security is traditionally viewed from the ability to infect system files on a multi-user machine, and it has long had a superior security model in this respect.
But today's users really only care about their own files, which are far more accessible to malware whilst surfing the net.
I don't know if you've heard, but Linux/Android PC's are moving 1.5 million units per day, with a half-billion unit installed base.
Exactly!
That totally debunks the market share argument since Android has not seen a malware explosion, even with its huge market share.
Oh wait...
That's why Google has stated that Android does not need any malware scanner like Windows Defender
Oh, wait...
Reading slashdot one-liner: (irm http://rss.slashdot.org/Slashdot/slashdot).rdf.item | fl title,desc*
And if you can create enough computing power with your botnet, your virus can run Linux too!
Defining Statistics and Social Research
Windows 8 Incompatible with 85% of the Most Widely Installed Software
http://alternatives.rzero.com/
This is a lot like saying "This is great news! We only need to remove 15% of your penis! You should be grateful."
"I believe in Karma. That means I can do bad things to people all day long and I assume they deserve it." : Dogbert
Saying "smart user" means that such a user never makes a mistake or clicks the slight off or any number of accidental things that happen in Windows.
No the best thing to do is engineer a solution where bolting on software to monitor the user is the cheapest way to do it and it is inadequate because it never solves the fundamental problem: Malware software are doing things no software probably shouldn't be allowed to do. Forget about detection where instead the focus should be on why those features and hooks into the OS exist at all.
What do you do about serious windows design flaws, like unsalted passwords, hash passing and poorly designed protocols which allow such attacks, storage of plaintext passwords in memory (google for mimikatz), poorly designed over complex services that offer far more functionality than required and expose functionality pre-auth etc...
http://spamdecoy.net - free throwaway anonymous email - avoid spam!
Vista is a released product, the 2.6.x kernel included development branches...
All development of Linux takes place in the open, so any bug found by anyone, even in a development version not intended for end users is publicly documented...
On the other hand, MS will not publish bugs which were found during internal development.
Those with the source code are best placed to find bugs, it's more time consuming without... Those who have MS source have no incentive to publish any vulnerabilities at all... If 377 vulnerabilities were found without sourcecode, how many more could be found with it?
http://spamdecoy.net - free throwaway anonymous email - avoid spam!
An OS like Windows XP?
Seriously, many corporations are technically eleven years and three operating system versions behind. And they're running relatively smoothly.
Do not look into laser with remaining eye.
Great Kool-Aid there isn't it. Secure boot does not benefit the end user. In fact it's explicitly designed to take away My Control of the hardware I purchased.
The only reason there was interoperability was that the Unix label insisted upon a standard level of it so that the software that was purchased/leased could run on the various makes of hardware and it is still used today.
OSX is a prime example of this certification standard. Any Unix Software should run on the certified Unix version of OSX w/o modifications, exactly as the Standards Body Wants and since *BSD is Unix (one of the standards body members) it will always beat Linux from a commercial standpoint due to the stable API's that allow companies to create software that runs upon multiple versions of Unix. This is what MS has done with their Backwards Compatibility though they didn't do a good enough job of publishing the API's needed for that.
Mod me up/Mod me down: I won't frown as I've no crown
Unfortunately, windows 8 also defeats 85% of users who attempt to use it to actually do something useful (as opposed to just oohing and aahing over the pretty tiles)
I think it would be more fair to compare the number of devices that allow arbitrary execution of externally acquired software. A PC, or a smart-phone or a tablet does allow this. Generally a router or a TV or other embedded software system don't.
Most infections are due in part to users allowing the malware access to the system (clicking a link, opening an attachment, running the software, etc.)
So, I don't think it is fair to compare the number of Windows installs (largely desktops and servers) to the number of Linux installs (loads of devices in the consumer electronics market).
For what it's worth, my opinion is basically, like with most debates, that both arguments are correct. Windows has a larger market share of computers (as opposed to devices in general), and so presents a more attractive target. It is also an easier target as it is much easier to install malware on it, and when done so it is much easier to compromise the entire system rather than just a subsection or a user account.
It is of course quite possible for malware to infect a Linux system, all that has to happen is the user has to install it. This is much harder to do on Linux due to the repos being the source of most installations, as opposed to downloads being from un-verified websites for Windows.
Would this remain true if the great mass of unskilled users started using Linux?
I think that if Linux got a larger market share there would be more commercial involvement and we would see more 'download our app from our website (and pay us £20)' type installs going on, which would break the security that repositories currently give the typical Linux user. Maybe we'd see something more like the Android market?
Sounds like TrustedInstaller then is more analogous to root, then. No, really, it sounds like Windows has some SELinux role features. Admittedly, Windows had it first but just like with SELinux it didn't obtain any sort of regular adoption because it introduces an extra level of complexity that makes it harder for the average user to manage their own system. And attempts to try to automate around that issue end up invariably just being another place that becomes an attack vector.
All of the above would be important if, oh, malicious processes need to be root to auto run or otherwise do 99% of the stuff they want to do. No, the only major thing the above does is make it harder to write a root kit. But malware doesn't have to be a root kit to be a major annoyance to remove.
Right because in Linux land, 99% of drivers are open source and included with the kernel. That is to say, there can be static analysis of the code to much more readily guarantee against kernel tampering. Beyond that, yes, the more noticeable examples of closed drivers (gfx card and wifi) are a real problem, but something like KPP is at best a hack to the problem. For the rest, trying to prevent local system escalation is generally more important anyways to prevent that vector of attack. But as I noted, it only tends to matter with root kits.
Funny thing about digitally signed code. Even if it were a guarantee that you know where the code came from, it doesn't mean it's secure either by design or just general developer failings--look no further than Sony or the countless examples of security vulnerabilities in gfx card drivers. In fact, there was a nice little article about AMD drivers--digitally signed, mind you--disabling ASLR because it was incompatible with it. Since then, the AMD drivers have been updated and certainly ASLR was no panacea anyways. The point still stands that with all the testing that MS does before signing drivers, they let such a gaping hole right on through. And I state this not because I don't think MS seriously tries. It's just that KPP and unit testing are the sort of static test
Eurohacker European paranoia, gun rights, and h
About 10 of those are to replace devices and computers I have replaced and thrown away. How many represent new devices and/or users?
It doesn't take a rocket scientist to figure out which OS will have an order of magnitude more market share than the other in 6-12 months...
I'm guessing Unix/Linux, considering that almost all tablets and smartphones (and a huge chunk of laptops) are running either a Linux distro or a branch of a certified-Unix operating system.
Dewey, what part of this looks like authorities should be involved?
You got modded funny, but that's probably true. Most people I know have several computers in various form factor combinations. I have a phone, tablet, laptop, work PC, and home gaming PC. That might be more than a lot of people, but certainly isn't uncommon.
Dewey, what part of this looks like authorities should be involved?
Linux has a much sharper definition of privileges than Windows. If UAC was only needed to do important things, and less programs needed root-type privileges to even run, the security would improve a lot. Unfortunately, requiring elevated privileges just for a program to run is not a good idea, and setting a program to always run with elevated privileges is risky similar to how the setuid bit is risky. Microsoft needs to enforce that elevated privileges be required only when absolutely necessary.
Another way of doing things would be to implement a model similar to FreeBSD Jails. This would allow for users to install software safely, as the software would only be able to alter its own files and see its own information. PCBSD's (a derivative of FreeBSD) graphical package manager does something similar to this, but there isn't a 1:1 jail:program setup. I find this to be quite an elegant solution for home use, where you often want application installation, not just usage, to be multi-user. It wouldn't stop botnet type programs, but it could be implemented to block access to private data files.
Most malicious programs simply do obnoxious but otherwise benign things. It is not possible to preemptively stop malware from doing something if an otherwise legitimate program would be allowed to do the same. Legitimacy is subjective.
There is a large difference between a malicious program that tries to overwrite the boot record or patch the kernel, and a malicious program which sends out HTTP requests. The former is easy to detect because as you said, it takes actions which no program, legitimate or otherwise, is allowed to do on a stock installation of Windows. The latter is otherwise indistinguishable from a web browser and can only be detected by comparing its behavior to that of a known malicious program, requiring developers to play a constant game of catchup.
This was a problem with Windows XP, the system and user were not properly segregated. Thus, it was common for malware to inject itself into system folders and without a proper antivirus it was almost impossible to detect it. When UAC debuted with Windows Vista many of these attack vectors were supposed to disappear and they did. Unfortunately, it took developers about 5 years to get out of the Windows XP development style and to stop mixing application data and user data. Once a program is installed, there should be little to no reason to put user data in the same location, that's what home folders are for. Users simply clicked "yes" to UAC every time it popped up, or disabled it completely. As much as I wish it were possible to do so, it is not possible to patch stupid.
The exact same security vulnerabilities exist in Linux. Any malicious script or program will have unfettered access to the entire system if the user can be convinced to put 'sudo' in front of it. Any Linux admin knows better than to install something that they don't trust; the same cannot be said for Windows users, who often install pirated software and the malware that comes with it.
You realize that Secure Boot can be turned off right?
If it's off by default on OEM machines then all of the stupid users who honestly believe that they are the one millionth person to visit a website will risk compromising their machines and simply increase the already nasty amount of noise on the internet.
It is not possible to disable Secure Boot outside of the EFI setup. That is by design.
More like Linux still doesn't have the market share to warrant spending significant time developing malware for it.
That's a false argument. There are enough Linux machines on the internet to justify spending time writing malware for.
Linux and UNIX in general was designed from the start to be secure. Windows is designed to be backward compatible and have a nice user interface. It's simply impossible to add security to Windows at this point without breaking backward compatibility and all kinds of third party software.
The Morris worm worked because it was new, no-one was expecting it or even considered the existence of anything like it. Now it's obvious but back then it was about as expected as an alien invasion.
Unix closed the obvious security holes very easily but Windows never could close its security holes because you can't retrospectively change bad design decisions without breaking most of your backward compatibility.
That's just daft. All Linux has the kernel in common or it's not Linux to begin with.
You don't actually appear to know what Linux is..
How many of those devices are WORTH hacking, let alone what is the target profile?
Every single one, if for no other reason than they would make good jumping off points to hack other systems.
The reason Linux gets hacked less than windows isn't because there is less Linux, it's because Windows is insecure by design. All the security 'features' that have ever been added to Windows are just band-aids over that insecure design.
Which versions of Linux? Are you saying one binary can attack all of them? No. You are not. Windows has decades of backwards compatibility to deal with. Don't try and compare phones with desktops. Calling BS on that BS out of the gate.
Phones have enough processor power and bandwidth these days to make them a target worth attacking. You can also steal a lot of user information from phones.
I'm calling BS on you BS_Mung_42.
How about figuring out how many Linux machines are in the world and the number of infections on them, then doing the same with Windows?
Why the fuck is this discredited old FUD still being voted up?
Because a lot of moderators either know nothing about IT or are being paid to spread MS's FUD.
Purchased by who? Vendors of new PCs and residents of asylums around the world? No one cares! Maybe, just maybe, more machines will be running Windows 7 than Windows XP shortly. Since no one is running it, no one is looking for vulnerabilities, ergo no malware.
Actually, when it comes to out-of-the-box security as well as the possibilities offered to knowledgeable admins, Linux isn't really far away from Windows.
In theory they both have good security models but Windows has had to compromise everything for the sake of backward compatibility. Windows also has a very long history of bad implementation work leading to security holes.
In practise Windows is a nightmare to secure and a nightmare to use in any serious environment due to bugs everywhere and very poor documentation. Linux is a hell of a lot better on all counts but also not perfect.
..even if you run as an administrator (equivalent to root)..
Administrator is not equivalent to root. Windows and Linux are designed quite differently, it's just wrong to say these two things are equivalent.
Now go on and tell us about the latest band-aids Microsoft has pasted over the open wounds of Windows security.
How many of those vulnerabilities allow complete root/administrator level access to the entire system? I may be guilty of observational bias, but it seems that every time I bother reading the details of windows vulnerabilities, they mention that it grants the attacker complete control of the system.
Linux is still used predominantly by clued users and/or administrators who (usually) know what they're doing. The amount of clueless computer users who also have the root password is fairly low. And the average user with a clue doesn't click everything sent to him, the average admin cannot because he can't check his mail on the server (at least if security did their job).
And hence the market for malware is rather tiny.
Linux is used by all sorts of people including a lot of people with no clue who got sick of Windows. Where I work there is a woman who thinks she uses Windows. She actually uses CentOS 5.4 running GNOME and she doesn't know or care about the difference.
You only need to telnet to a POP3 or IMAP server to check your mail. Most users won't do that though.
Windows Vista: Until now 377 vulnerabilities have been discovered.
Linux kernel 2.6: Until now 633 vulnerabilities have been discovered.
Please include all the security holes in Vista that were not made public so we can actually compare these meaningless numbers.
I've worked in places that had _SERIOUS_ problems with windows, and I mean global cascade crashes of thousands of servers at costs running into many millions a day and my company covered everything up for the sake of their share price. Microsoft sneaked out a fix (months later BTW) globally on the back of some other fix without the real extent of the problem being visible to anyone except my company and Microsoft. It's quite impossible to cover anything up with Linux, everything is public.
Therefore - Your numbers are bull, they don't include cover-up fixes.
You need only look at one bad webpage and your Windows computer is spewing out cialis spam. Clicking on one wrong link or misspelling a single URL could bring you to one of those pages.
Linux - You actually need a serious user error like a guessable password to let the bad guys in.
The world has moved to iMoble devices which are mostly locked down.
Funny.. You are joking I hope..
House for sale. 85% of the roof doesn't leak.
Boat for sale. 85% of the hull has no holes in it.
Car for sale. Brakes work 85% of the time.
'SHUT UP AND TAKE MY MONEY!' -- Average Windows fanboi
Like my Sony Bluray player with Java built in? Suddenly all these "smart" devices aren't looking so "smart".
Of those vulnerabilities, how many were patched? And how many were exploited? Please show the stats for that side by side for Windows and Linux.
---Saying gnome 3 is better than windows 8 not so much a compliment as it is damning with light praise.
As everybody already said, they have the entire kernel in common.
Also, there are mainly 3 varieties of Linux out there (at least plugged at the net), GNU/Linux, BusyBox/Linux, and Android. Linux isn't even nearly as diverse as most people claim.
Rethinking email
Linux is immune to over 95% of users!
The rest of us have a terminal fascination.
Those who advocate genocide deserve every protection afforded by law, and none afforded by common human decency.
Sounds like TrustedInstaller then is more analogous to root, then. No, really, it sounds like Windows has some SELinux role features. Admittedly, Windows had it first but just like with SELinux it didn't obtain any sort of regular adoption because it introduces an extra level of complexity that makes it harder for the average user to manage their own system.
No, TrustedInstaller is not equivalent to root. An administrator is equivalent to root; only in Windows "administrator" is a set of privileges/permissions rather than a single can-do-everything all-or-nothing account in Unix/Linux - a limitation which has led to the incredibly stupid and exploit-prone SUID processes. You cannot log on as TrustedInstaller - it has no password (no it is not blank - it just doesn't exist) and you cannot log on interactively. Only the WindowsUpdate process runs as the TrustedInstaller - and it only accepts packages signed by Microsoft. There is *nothing* comparable in Linux. If you are root you can tamper with files and loadable modules (e.g. drivers). There is no equivalent account in Windows that you can use.
And attempts to try to automate around that issue end up invariably just being another place that becomes an attack vector.
There may be bugs in the implementation - but resource protection is a significant barrier to overcome. Along with kernel driver signing it has pushed malware that seeks to take permanent residence to resort to bootkits - a vector now being closed as well.
All of the above would be important if, oh, malicious processes need to be root to auto run or otherwise do 99% of the stuff they want to do. No, the only major thing the above does is make it harder to write a root kit.
It is correct that a process running as the logged on user typically will have access to the user's files. But if the malware wants to *infect* the machine it must ensure that it is somehow in the startup chain. If it can insert itself into the OS it will infect all users. Otherwise it will be gone on the next logoff/logon or system restart. What does Linux/Unix do to prevent a malicious process (e.g. a trojan) from infecting the machine? Is "root" the only barrier?
But malware doesn't have to be a root kit to be a major annoyance to remove.
On Linux/Unix/Mac OS X you may be correct. But on Windows (especially Windows 8) malware cannot intercept the boot process anymore. The kernel is integrity protected and will revert tampering automatically or outright refuse to boot a compromised system.
Right because in Linux land, 99% of drivers are open source and included with the kernel. That is to say, there can be static analysis of the code to much more readily guarantee against kernel tampering.
You really should try to understand what Kernel Patch Protection is. It is *not* static analysis; rather it is dynamic checksumming while the OS runs. It is protection against a malicious process getting a foothold in the kernel by patching OS tables.
Beyond that, yes, the more noticeable examples of closed drivers (gfx card and wifi) are a real problem, but something like KPP is at best a hack to the problem. For the rest, trying to prevent local system escalation is generally more important anyways to prevent that vector of attack. But as I noted, it only tends to matter with root kits.
KPP is another layer of protection. A layer absent in Linux/Unix. And it is decidedly *NOT* protection against rootkits (where it is ineffective). KPP protects against rogue or compromised kernel mode drivers making unauthorized changes to running OS tables (such as the page table). Again, I understand that you don't get it: Linux/Unix doesn't have it.
Funny thing about digitally signed code. Even if it were a guarantee that you know where the code came from, it doesn't mean it's secure either by design
Reading slashdot one-liner: (irm http://rss.slashdot.org/Slashdot/slashdot).rdf.item | fl title,desc*
Sudo is not always equivalent to root, and SELinux can still put constraints on it anyway. Ubuntu and derivatives disable the root account by default; your more "appliance-like" distros (e.g. Meebo) will lock down things even further. It's relatively simple to configure what sudo will or will not do -- as a system administrator. It's not exactly grandma-friendly, though: sensible defaults are key.
I don't know about other people's use-cases. I need root on a wide variety of commands; restricting sudo on my (Debian) desktop would be more trouble than it is worth. Security always comes at a cost of usability.
The other consideration is that Linux users are, by and large, not downloading programs and scripts off the internet: Most programs are acquired through cryptographically signed repositories. IIRC, there have been a small number of cases where malware has been injected into an official repo, but to a first order approximation it doesn't happen. Win8 would have had a similarly good system with their App store, but they have API restrictions (Metro) which may not go over very well.
The rest of your points notwithstanding. Way too many Windows users are still stuck on XP, and a significant percentage of the rest disable UAC.
It's worth noting that security problems are more of an issue in single-user environments. A competent sysadmin is somewhat of a rarity, but if the NSA's documentation is anything to go by, the level of security achievable with Linux and Windows is pretty comparable -- in the same ballpark anyway. Now if you'll excuse me, I have to go flagellate myself for having said that. ;)
Those who advocate genocide deserve every protection afforded by law, and none afforded by common human decency.
Yet %APPDATA% and the user profile is where the data the user actually cares about is, so viruses actually do a lot of damage. I don't care if a virus wipes out Office or some app, I would prefer to reinstall an app rather than start generating the data from scratch.
Same deal on Linux. I wonder why people always give out the "viruses can't hit / , linux is secure" excuse.
Open Source Java Web Forum with LDAP authentication
That's irrelevant. All computers are sold with it, therefore it isn't a matter of IF, rather than WHEN.
My bet is that win8 will have more market share than linux by july 2013.
Open Source Java Web Forum with LDAP authentication
Administrator is not equivalent to root. Windows and Linux are designed quite differently, it's just wrong to say these two things are equivalent.
You are correct. One OS has 2 levels of users: regular users and a single all-powerful user. If you want to do anything remotely system oriented you have to run as the all-powerful user - even if it is just to mount a printer. The same OS is designed with extremely coarse-grained file-system permissions where you can only grant access to the owner, a *single* group or to *everyone* in the world. The same OS has *only* file system permissions and thus tries stupidly to map everything else that must be secured to a file - even if it doesn't fit the file metaphor at all - like e.g. processes.
The other OS comes with fine-grained privileges which can be assigned to any user, like for instance the privilege to change system time, to backup files, to take ownership. The other OS has fine-grained permissions on securable objects - allowing for inheritance, separation of read/write file from read/write permissions, multiple owners. Access to objects can even be granted to multiple groups - by design. The other OS also allows many object types (not just file system objects) to be secured: Processes, threads, semaphores, URLs etc. This other OS comes with a group "Administrators" which is just a group to which a number of powerful privileges have been granted. Members of this group are usually designated "Administrators" - but they are not all-powerful. Privileges can be removed from the Administrators group or even outright denied through other memberships.
So you are right. The first OS has a single all-powerful account while the other has just accounts. The first one requires that you elevate to *root* to perform a number of system tasks. While root the process can do *anything* on the system - and multiple exploits have used this to total system pwnage. The other OS does not require that you run as an all-powerful user. A user or group can be granted just the necessary privilege and the risk contained.
Which one do you prefer?
Now go on and tell us about the latest band-aids Microsoft has pasted over the open wounds of Windows security.
Tell me about the open wounds, then.
Reading slashdot one-liner: (irm http://rss.slashdot.org/Slashdot/slashdot).rdf.item | fl title,desc*
It's a fallacy that there are "many eyes" reviewing linux code. In reality for most non-kernel packages you have less than ten actual developers involved and its very rare for any outside that group to review the actual code. Sure plenty of people submit bugs and may even submit code samples, but they just are reviewing the code for possible vulnerabilities as this myth suggests. The reality is that far more people are hacking at Microsoft since they are the bigger target, and alas penetration their efforts do more often payoff.
And the other 85% is viruses and other malware that Windows 8 is still vulnerable to, but the built-in anti-virus software "protects" it from actually proceeding to cause infections. Turn it off, and Windows 8 retains probably 100% backwards compatibility with all of those viruses that the article is talking about from the last six months...
java is a pos no matter what os its running on
Windows has Windows Resource Protection (WRP). Unlike Linux/Unix, even if you run as an administrator (equivalent to root) you *do not* have permission to change operating system files. Only the TrustedInstaller account can change those files.
Oh, okay. So Windows' "root" account is actually "TrustedUser," not actually "Administrator." Gotcha. And that changes things in truly amazing, important ways... how?
Windows has Kernel Patch Protection (KPP). KPP encrypts and checksums certain OS tables of the running operating system to prevent tampering by rogue processes which somehow have gained kernel access (e.g. through a vulnerable driver). ... Is it guaranteed security? No - but it is unlike anything you'll find in Linux/Unix.
Anyone sticking with the default, trusted software repositories doesn't exactly need to worry about rogue processes taking control of the kernel, so in Linux it's really mostly a non-issue...
Windows has a kernel mode signing policy [microsoft.com] which requires all software (drivers and more) which are to be loaded in kernel space to be digitally signed. If they are not signed they cannot be loaded. If a driver has been tampered with, the signature will be invalid and the kernel will refuse to load it. Ubuntu and Fedora now do have some signing protection, but they are incomplete in comparison, e.g. they only protect executable modules, not configuration files.
Again, the trusted software repositories minimize the need for this kind of primarily Windows-related protection. But like your previous point, yeah, it's great that Windows now has it... because it actually needs it.
Windows 8 introduced secure boot. The Windows 8 boot loader is signed with a key known to the UEFI bios. The boot loader will in turn check the integrity of the OS and configuration (using digital signatures) before it proceeds. This closes the vector where a bootkit takes control of the system and boots the OS in a virtualized environment through which it can patch the OS after boot.
I won't even touch this one. I'll just say that I have an extreme hatred toward the EFI-enabled "Secure Boot," and fast turtle (very) briefly went over why as far as the control of the owner and user of the computer goes, while being yet another source of money for Microsoft from those people who do not want to run their OS. And if you have an ARM processor... it cannot be turned off.
You go try that on a Windows 8 ARM-based machine and report back on how well that works.
Or if you want to save yourself the time, trouble and money, just read this:
Mandatory. Enable/Disable Secure Boot. On non-ARM systems, it is required to implement
the ability to disable Secure Boot via firmware setup. A physically present user must be
allowed to disable Secure Boot via firmware setup without possession of PKpriv. A Windows
Server may also disable Secure Boot remotely using a strongly authenticated (preferably
public-key based) out-of-band management connection, such as to a baseboard
management controller or service processor. Programmatic disabling of Secure Boot either
during Boot Services or after exiting EFI Boot Services MUST NOT be possible. Disabling
Secure Boot must not be possible on ARM systems.
Be sure to take special notice of the very last sentence in particular.
Source? Official Microsoft Windows Hardware Certification documentation for Windows 8.
http://msdn.microsoft.com/library/windows/hardware/hh748188
I don't get the Windows Eight Hate.
For my part, it's not hate. It's simply two decades of experience showing that every other windows release sucks. Since Vista sucked and 7 was halfway decent, 8 is going to suck. Microsoft isn't one to break with long traditions, is it?
So basically, I don't hate it, I just don't care. My point was about how a specific perspective changes the message.
Assorted stuff I do sometimes: Lemuria.org
couldn't be stuffed reading all your gobbledygook, but i don't know what you're smoking about the whole "trustedinstaller" user thing.
regardless of who i'm logged into on a windows machine, i can install any program with simple click-through privilege escalation
root in linuxland is simply the highest level of access, which is also required for windows to be able to operate (regardless of whether you call it admin, trustedinstaller, blahblah).
i guess windows doesn't have any excuse for being the insecure, virus-riddled crapware that it is then huh?
by definition a virus must spread itself to infect more machines. linux doesn't offer that means, but windows does. hence no linux viruses (except for lab experiments).
Since Linux/Android is growing logarithmically, units more than two years old are not a significant fraction of the installed base.
Help stamp out iliturcy.
couldn't be stuffed reading all your gobbledygook, but i don't know what you're smoking about the whole "trustedinstaller" user thing.
regardless of who i'm logged into on a windows machine, i can install any program with simple click-through privilege escalation
Of course you can install software when you are admin. But please go ahead and try to delete operating system files, rename or overwrite them. You will soon discover that in Windows even the administrator is not all-powerful. Only TrustedInstaller is allowed to change OS files; and there is no way to log in as TrustedInstaller.
Changing OS files (changing configuration, overwriting drivers or loadable modules/libraries) is a common way for malware to try to insert itself into the OS to ensure that it gets executed again during system startup.
The Windows operating system protects its files through multiple mechanisms. The first is that even Administrators are not allowed to overwrite or change the OS files. The second is that if you succeed in changing OS files (you *can* probably use admin privileges to take ownership of OS files and then change them) then integrity checks during boot will detect the tampering and will restore the files from an encrypted cache.
root in linuxland is simply the highest level of access, which is also required for windows to be able to operate (regardless of whether you call it admin, trustedinstaller, blahblah).
root in linuxland is all-powerful. root can change, delete or overwrite *anything*.
Windows practices separation of duties. Yes, that's an actual security principle. Changing individual operating system files is something even an administrator should not be allowed to do. He should be allowed to change certain configuration and even point to an update package and launch an installation process. But he should not be allowed to tweak individual operating system files. That is both unnecessary and a liability.
Reading slashdot one-liner: (irm http://rss.slashdot.org/Slashdot/slashdot).rdf.item | fl title,desc*
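To check the ownership and write-access statements in the comment above on a given machine, the following PowerShell is an added example, not part of the original thread. It only reads ACLs with the built-in `Get-Acl` cmdlet; the function name `Get-SystemFileWriters` and its parameters are hypothetical.

```powershell
# Added example (not from the thread). Read-only: lists the owner of each file
# and every principal holding an Allow ACE that can modify the file or its ACL.
# Get-SystemFileWriters and its parameters are hypothetical names.
function Get-SystemFileWriters {
    param(
        [string]$Path   = (Join-Path $env:SystemRoot 'System32'),
        [string]$Filter = '*.dll',
        [int]$First     = 200
    )
    # Rights that allow changing file contents, deleting it, or rewriting its ACL/owner.
    $writeMask = [System.Security.AccessControl.FileSystemRights]'WriteData, AppendData, Delete, ChangePermissions, TakeOwnership'

    Get-ChildItem -Path $Path -Filter $Filter -File -ErrorAction SilentlyContinue |
        Select-Object -First $First |
        ForEach-Object {
            $file = $_
            try { $acl = Get-Acl -LiteralPath $file.FullName -ErrorAction Stop }
            catch { return }   # unreadable ACL: skip this file
            $writers = @($acl.Access |
                Where-Object {
                    $_.AccessControlType -eq 'Allow' -and
                    ($_.FileSystemRights -band $writeMask) -ne 0
                } |
                ForEach-Object { $_.IdentityReference.Value } |
                Sort-Object -Unique)
            [pscustomobject]@{
                File    = $file.Name
                Owner   = $acl.Owner
                Writers = $writers
            }
        }
}

$report = @(Get-SystemFileWriters)

# How many of the sampled files does each owner hold?
$report | Group-Object Owner | Sort-Object Count -Descending |
    Select-Object Count, Name

# Files where a principal other than TrustedInstaller has a write-capable ACE.
$report |
    Where-Object { @($_.Writers | Where-Object { $_ -notlike '*\TrustedInstaller' }).Count -gt 0 } |
    Select-Object File, Owner, @{ n = 'Writers'; e = { $_.Writers -join '; ' } } |
    Format-Table -AutoSize
```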
once they support all of my current virus variants that will get modded to be included in that 15%. Does security really sell that much?!?! Apple has never stopped to try to make us a load of controlled idiots that believe that just because something is signed then it is more secure even when using technology from the 70's (objective ... c).
What I meant is that various exploits malware relied on were patched through the years or changed so these exploits don't work anymore. MS is actually pretty good at that, even if the rest of their code stays the same. Faulty and exploitable parts of WinXP were very heavily rewritten for Vista, for example, I didn't have a chance to look at Win8 that closely yet but I'd assume they did the same again.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
Yeah. Windows 8 is great. It's so much better at protecting users from malware. It's even 85% effective against trojans. It's just tons better than Linux security wise.
Now that that's out of the way, am I really at all guaranteed that (a) I won't be infected with malware with Windows 8 or at least (b) that if there is malware installed on the system somehow, all the files that compose it will be clearly marked, grouped together, and easily deleted from the system? Because as a Windows user, I really don't care how insecure Linux or Mac OS X might be. What I do care about is dealing with the malware threat(s) that actually exist that affect me. And everything you've stated about beefed security has, AFAIK, not stood up to the test of time. At best, they've mitigated the risks and still resulted in tons of malware infections that may some day affect me.
Eurohacker European paranoia, gun rights, and h
You're comparing apples and oranges. The analogue is Windows, not Windows 8.
Windows' market share hasn't changed in a significant way. Yet, their security has improved. Clearly the secureness of a software product is independent of its market share.
Having a larger market share only means that there will be more attempts. It doesn't say jack shit about how successful those attempts will be. You can't use market share to say much of anything about the security of a product. It doesn't work. It's folklore.
I want this account deleted.
It's not that uncommon to find vulnerabilities that span multiple versions. Some vulnerabilities go unnoticed for a long time. There are often large parts of software that go unchanged for many years. This isn't an open vs closed source thing either. Version numbers often change faster than the bulk of the code. Having different versions doesn't make you immune. It really is not that uncommon for a security advisory to be issued against many versions of a product.
Version numbers != obscurity.
I want this account deleted.
No they weren't. That's something that happened over time. SE Linux and its competitors are basically bolt on security that came after the fact.
Note: I'm not saying anything about how secure Linux is today. I'm just saying that it wasn't a design goal from the start.
I want this account deleted.
Not on its own it doesn't, but Linux is nothing more than a Kernel. Distributions out there may run a very wide variety of different software on top of that kernel. So in reply to the GP the idea that someone's linux router being as similar to an Ubuntu installation as two copies of Windows is completely disingenuous.
Go back and read your post. You were talking about how different versions of "Apache, MySQL, PHP" would make a difference. Routers might be running different software than desktops but that doesn't seem to be what you were talking about. You were talking about running different versions of the same software.
I want this account deleted.
delete operating system files, rename or overwrite them
try doing the same for ANY file that is currently in use (open/locked)
root in linuxland is all-powerful. root can change, delete or overwrite *anything*.
actually if the file is in use by the OS you will come across the same thing in linux
...and all of that is notwithstanding anything to do with permissions
Changing individual operating system files is something even an administrator should not be allowed to do
true true, unfortunately not the case for windows because malware still seems to find ways
proof is in the pudding... a global dominance of datacenter, web service and embedded markets has resulted in zero widespread threats for linux, while i have heard of cases where even a brand new out of the box windows machine is already infected
You could build a beowulf cluster of those!
READ IN MONTY PYTHON VOICES, midstream:
JOHN CLEESE: "Protects against all security threats by which means someone wants to take over your wireless printer to print ASCII pr0n! Absolutely *NO* Word 2003 viruses get through. My life's work has been leading up to this."
ERIC IDLE: "Excuse me. I rather like the ASCII pr0n. The problem that I'm facing is that I run a facility --"
"Yes?"
"-- a facility that processes certain *material,* let us say --"
"Yes? Yes? Out with it, man!"
"-- is rather sensitive."
"How do?"
"We're making a nuclear bomb."
"Ah, well why didn't you *say* so?! We've got all kinds of help for you in that case ... "
jrnl: http://tinyurl.com/c2l8yr / foes: http://tinyurl.com/ckjno5