Slashdot Mirror
Virus Eats School District's Homework
theodp writes "Forget about 'snow days' — the kids in the Lake Washington School District could probably use a few 'virus days.' Laptops issued to each student in grades 6-12 were supposed to accelerate learning ('Schools that piloted the laptops found that students stayed engaged nad [sic] organized whiel [sic] boosting creativity,' according to the district's Success Stories), but GeekWire reports that a computer virus caused havoc for the district as it worked its way through the Windows 7 computers, disrupting class and costing the district money — five temporary IT staff members were hired to help contain the virus. Among the reasons cited for the school district's choice of PCs over Macs were the proximity to Microsoft HQ (Redmond is in the district), Microsoft's involvement in supporting local and national education, and last but not least, cost. In the past, the Lake Washington School District served as a Poster Child of sorts for Microsoft's Trustworthy Computing Group."
Among the reasons cited for the school district's choice of PCs over Mac's were (...) cost.
And yet Linux was never an option? Avoided Apple to reduce the cost and ended up hiring 5 people to contain the damage that came as a consequence of their choice... way to go!
Hi, school IT tech here. I'm all for a pay rise! How about we raise your taxes so I can get one? Don't like that idea, right? Maybe take some money out of health care? Sanitation? Policing?
Yeah... I didn't think so. After four years, I make around 60% of what I would in the private sector starting wage for the same job. Guess what, though! Jobs are scarce, so I can't afford to be picky. Yes, I'm good at what I do (and I've done great things for this school), but by no means is the public sector all green fields and pork barrel funding. We're more cash-strapped than you can imagine (I'm having to buy cheaper asset labels, for pity's sake).
Finally had enough. Come see us over at https://soylentnews.org/
Windows however does not have privileged separation from the ground up
What do you suppose UAC is? And what do you mean "from the ground up"-- NT "from the ground up" has notions of users and different privilege levels that possibly eclipses the Unix world in scope and granularity.
Why do you think Chrome has robust sandboxing on Windows, but not on other platforms? As I recall, the reason the Chrome team gave was that, quite simply, Windows had better supported mechanisms for stripping privileges from processes (I believe they mentioned there was a way to do the sandboxing, but it used a little-used method that was not recommended on Linux).
Im not a Linux guru; Ill admit that. But Im not aware of a bog-standard Linux or Mac install having the ability to set permissions and privileges on specific processes completely aside from the context that launched them; or being able to set permissions on specific entries in a particular plist file (the equivalent of per-key permissions in the windows registry). As I recall, Windows also has more robust ASLR-- or at least did for many years-- than Linux or Mac, earlier support for DEP, and more granular ACLs on its default filesystem.
I really dont want to get into a "this OS is better than that" argument, because different philosophies went into each, and each has its strength. OSX focuses heavily on user experience. Linux focuses heavily on modularity, flexibility, and extreme hackability. Windows tends to focus on business and end-user experience, but without as much focus on OSX; there is also, however, a very big focus on security given all the bad press Windows has had over the years. It has very much undergone trial by fire, and to some extent that makes me less inclined to just say "go OSX; it has 0 track record with thwarting viruses, but Im sure it will be fine". Most big viruses I see either tend to be on XP holdouts, or else tend to be removable in a few minutes due in large part to UAC.