The devil is in the details. In this case, "most of the western world" would probably disagree quite strongly on a) what constitutes infringement, b) how long works should be protected for and c) what the punishments should be.
For example, I doubt you'd find many people who think downloading a song that gets played ten times a day on free to air radio should be considered infringement. Similarly, you will probably not find a lot of sympathy for media companies claiming to be "suffering" from copyright infringement in the face of ever increasing profits and ever decreasing product quality.
But I said "calling windows 'designed' in the first place" - not windows NT.
The only version of Windows available for the last ~5 years has been Windows NT. My assumption that Windows NT was what you were talking about, was quite valid.
You can make exactly the same arguments about unix & windows evolving, then getting a major overhaul in later years.
About DOS-based Windows, yes. About Windows NT, no.
(You see, I'm not a unix bigot, I'm just exposing you to be a windows bigot).
How, pray tell, have you done that ? By saying my prefectly reasonable assumption wasn't what you meant ?
I think you need to read up on your UNIX and Windows NT history. You might also want to stop throwing aroung words like "bigot" at people you don't know anything about.
If you actually read the white paper, you would know that it was talking about introducing things post windows 2000.
What things ?
If you'd actually read my comment you would have seen that nowhere did I say they could only be found in Unix.
If Windows is becoming "more like unix", as you state, then logically it can only be copying features from unix and not anywhere else.
If you'd actually read the conclusions you would have seen plenty of reccomendations to basically "make it more unix like".
Really ? Let's see:
Conclusion #1 suggests improving centralised, integrated management capabilities. Not only that, but it specifically states:
This does not necessarily mean that we should slavishly follow the UNIX model of iterating through a list of machines with an rsh command, or pushing configuration files to a list of machines.
So, conclusion one not only disagrees with your assertion, but specifically suggests the opposite.
Conclusion #2 is about pricing.
Conclusion #3 is about improving the IIS configuration tool. It suggests the tool should be replaced by (based on the commentary in the whitepaper) by something more automatable. This is the only conclusion that could - just barely, if you squint the right way - be interpreted as suggesting an aspect of Windows (well, the bundled webserver) become more unix-like. That is, if you believe the only other place automatable configuration can be found is unix.
Conclusion #4 is simple common sense.
Conclusion #5 merely states that teaching unix users how to use Windows is difficult. Anyone who has tried to convince the average Slashdot troll that Windows 2003 really is different from Windows 3.1 could figure that out.
Conclusion #6 states that conversions need to be made easier and more automatable and that availability should not be impacted during the transition.
In short, I hope you're not a MS shill - because MS would be wasting their money on you (all you can do is play silling semantic games, rather then try to discuss something).
Heh. Someone making snide comments based on Windows != Windows NT is accusing me of silly semantic games...
I'll ask again, since you seem to be incapable of doing anything except insults, waving your arms and pointing to other people to backup your arguments, which features have come into Windows, from unix. I'll also point out, again, that for something to have "from from unix", it must be something that isn't present in other OSes (either past or present).
If there's so much stuff that recent versions of Windows have "stolen" from UNIX, as you keep implying, it should be simple for you to come up with ten non-trivial examples.
(What's particularly funny about your whole argument, is that, if anything, it's unix platforms which are becoming more like Windows in recent times. The real truth, of course, is that every platform is simply implementing their own versions of obvious improvements.)
Actually, it is a relief. Because now, I can reboot and restore my "life's work" from my backups.
Even the few people I know who backup, don't do it every second. So the last 8 hours you've spent writing that report are now wasted.
No matter how much sophistry people like you continue to spew, the simple fact is the user's data is *infinitely* more valuable that the system software. "Just restore from backup" is not a suitable solution.
"Policy" is an important part of OS security. Perhaps the most important part!
Policy is the purvue of users, not software.
You missed two important words. "By default"! Windows can, in theory, be somewhat secure, but out of the box, it isn't.
Funny, I thought we were talking about operating systems, not how people use them.
Again, your requirements for a "truly secure operating system" - apart from being worthless - Windows is already more than capable of meeting.
I don't think non-Admin accounts are a "silver bullet". I think it's more like adding locks and security alarms to my house.
Actually it's more like a "beware of dog" sign.
When you don't have a dog.
A determined and skilled burglar will still be able to enter my house, but at least I won't have people entering through open windows.
It doesn't take much "skill" to get around a non-admin account if the user has the ability to elevate privileges.
I agree that Windows will always have a malware problem, even if Microsoft made it secure (and they still have a long way to go for that), but it can be reduced considerably, and non-Admin accounts is a big step in the right direction.
What exactly do you think they need to do to make it "secure" ?
You see, the nifty thing about your definition is that it excludes both bugs and user errors by talking only about capabilities.
Actually it only excludes user errors. Because user errors aren't something an OS can reliably do anything about.
Oh yes - and you don't want to restrict user access. You want to restrict unauthorized access.
And you question me about academic distinctions.
To the OS, there is no difference. All access == user access. The OS doesn't know whether "fred" really is fred, or if he's "CrashBurn" using fred's login.
I'm not so sure about that. OpenBSD has had one remote root (default install) or about a dozen (real-world setup) depending on how you count.
It's not hard to have a record like that when you don't actually *do* anything out of the box, and even "real world" setups are a tiny, tiny proportion of machines out there.
(Not that I have anything against OpenBSD - it's an excellent platform for border security - but that claim has always been rather empty in context.)
The reasoning might apply to every platform, but to varying degrees.
Your argument is because there *might* be unknown exploits, the platform cannot ever be considered secure. I fail to see how that argument does not apply to all platforms, *regardless* of their history.
see above. Unless, of course, you do what some liars^H^H^H^Hconsultants do and add up "Linux exploits" by adding up all of Debian, Redhat, Suse, etc. even though it's the same exploit.
When you take away all the Windows exploits that only worked in poorly configured and/or maintained environments, its security record is quite reasonable. This is the *only* way you can get even close to a reasonable comparison of OS security (and even then, the marketshare and user demographics make any sort of rational comparison impossible).
Well, yes. Sooner or later you always arrive at a human making an error. Until computers design, build, configure and administrate themselves that won't change.
Certainly, it always boils down to a human in the end, however, there is a qualitative difference between user ( or administrator) errors and programmer (OS) errors.
Most remote exploits - Windows or otherwise - are caused by poorly configured or maintained software. That is a *very* different class of exploit to a software bug.
The fact remains that some environments make it easier to make mistakes. Why do Windos machines get owned by the bucketload and Mac machines don't even though I wouldn't exactly say the average OSX user is more tech savy than the average XP user?
Because Windows machines outnumber OS X machines about 100:1. There are a lot of very important effects that this influences - which I will be happy to elucidate, if you want (most people just retort with "apache") - but that's what the view from 10000 feet essentially is.
Errmm...... you haven't seen many banks from the inside, have you?
Banks, no. Similarly large environments, yes.
While will agree that in an absolutist sense, "large enterprises" have poorly run "security" departments, they're still streets ahead of smaller environments purely by virtue of their size. You *have* to have good technical staff just to keep large environment afloat and they inherently bring along with them substantially better protection against attacks, simply by virtue of noticing things that "aren't right" sooner - and being capable of fixing them.
Big targets are inherently more difficult to crack, and it is my experience that their difficulty increases much quicker than their attractiveness, except to people with "real" motivations like [industrial] espionage or the like - and in those sorts of situations, the software is unlikely to be the (primary) vector.
Merely using the Internet and getting your browser hijacked by visiting the "wrong" page is not user error.
Which the majority of malware infections are *not* caused by.
Sorry, but the "install this to get cool cursors" and "run this attachment to see t3h b00bies" are still the most common vectors for malicious code.
If you were a 1337 script kiddie looking to get famous, would you rather write the 10,000th Windows virus that brings millions of PC's to a screeching hault, or be the first person in history to write a virus that brings millions of Macs to a hault?
You seem to be missing the point. When your uber-virus is only going to have a *best case* scenario of infecting 1% of machines, it's unlikely that it's going to spread particularly fast or far and get to that "million-mac" part before being stopped.
There's nothing in OS X that stops viruses (et al) being impossible or ineffective. There's simply no-one writing them. There's no-one writing them because the cost:benefit ratio is atrocious.
(Oh, how frequently I've been tempted to throw something together just so smug arseholes like you can get some egg on their faces).
Sure it does, only it's called Administrator, [...]
Administrator is not a superuser.
Do you understand what a 'superuser' actually is ?
[...]which most Windows users run as since Windows has piss poor priveldge escalation/separation.
Windows has more than adequate "privilege escalation/separation". The problem is developers writing bad software.
Maybe they wanted something better designed then unix, but they didn't get it! (calling windows 'designed' in the first place is being fairly generous)
Well, when you're stuck in the rose-tinted mindset of "unix is the be-all and end-all of Operating Systems", that's about the attitude I'd expect.
UNIX has been hacked on by developers since the day it was first conceived. Apart from some very basic guidelines, it's a product of iterative implementation of a hobbyist sytem, not design. Which is why it had design flaws like a superuser.
By what measure is Windows NT not "designed" ? Have you read anything about its history ?
Errr right, I suggest you read this Microsoft whitepaper written in 2000. It points out a lot of problems with win2k found during the unix -> windows migration for hotmail. Many of the reccomendations are basically "make it more unix like" and many of them have been implemented in the time since.
The whitepaper (which I've read before) does not appear to support your assertion (although the part about UNIX administrators is unsurprisingly funny). I am curious, however, as to which of the 6 things listed in the conclusions you think are only previously found in unix (or even which things were new in Windows 2000 that can only be otherwise found in unix OSes).
it will slow people down. maybe long enough to recover the data or somehow make it less useful (change ids, passwords, etc). even good encryption will eventually fail. the best you can do is to make it difficult.
Note that when "eventually" is a timeframe measured in tens to hundreds of years, that's probably good enough for just about anyone.
[They used the scratchy ipod plastic not because they didn't know it was scratchy, but because Steve liked the look of it.]
You have no way of knowing if this is the case.
It's a pretty reasonable bet, though. Steve Jobs is *infamous* for valuing his aesthetic opinions of a product over every other feature and imposing them on others (famous example: wanting to rearrange the circuitry inside the Apple ][ (I think it was) so it looked better).
I remember reading someone reminiscing about NT & saying (speculating? guessing?) that MS had some sort of non-compete clause as part of the deal to sell xenix to sco that said they would not enter the unix OS market - and thats why they didn't ship a unix OS
Probably because they wanted something that was designed better than unix (even calling unix "designed" in the first place is being fairly generous).
(after all every competing OS is unix-like & windows becomes more so with each release).
The only way Windows is becoming more like unix, is if your worldview starts and ends at Windows and unix. If anything, unix is becoming more like Windows.
I think that many of us propellerheads on/. think more of implementing a secure design at an architectural level.
At an *architectural level*, the design of Windows is excellent.
As the author mentions, much of what Microsoft does is "protecting users from their own stupidity". While this addresses security, it is not an effective solution to security problems.
Actually it is, because the vast bulk of "security problems" are caused by the users' stupidity.
While Microsoft has made some effective security changes at lower levels (services off by default, user vs. kernel space for drivers, an installer service that runs under a more appropriate security policy, etc) there is still a lot about the upcoming Windows that is architecturally flawed.
Like what ?
Instead of making design changes MS has elected to take the band-aid approach of trying to direct users away from pitfalls due to these architectural flaws (firewalls set to "maximum nag" mode, anti-virus to the hilt, "are you sure" dialogue boxes warning of potentially dangerous
Firewalls and antivirus software aren't protecting you from "architectural flaws".
While improvements in Vista will certainly reduce the frequency of serious, high-profile security incidents it'll be a slow reduction and many years before we are at an acceptable state of affairs.
I predict it will make SFA difference and Microsoft will continue to wear the blame for user ignorance and stupidity.
You hit the nail on the head. Its not that Microsoft is finally taking an interest in user security, its the fact that they're bolting it on to a system that wasn't designed with it in mind in the first place.
They're not "bolting it on", Windows NT *was* designed with security "in mind" from day one. Far better security than traditional unix, as well.
personally i regard rms's views on the matter somewhat more highly than yours. in the time of drm et al. one should not be taking steps towards giving up our freedom.
The lack of a stable Linux ABI has nothing to do with either RMS, DRM or "Freedom". It's Linus who doesn't want to commit to - and then be "restricted" by - a defined specification.
"Inadequate security" is first and foremost a very generic term open to interpretation.
Indeed it is. Given the context of the discussion, I am interpreting it to mean "deficiencies in the technical capabilities of Windows with regards to restricting user access". I don't see how any other interpretation could be reached, nor worth having a discussion about.
And if you think you can safely run a Windows system in any environment (except one allowing no access at all, neither local nor remote) than you are betting the farm that despite a couple hundred root-level exploits having been found in the past there are no future ones.
Reasoning which applies to every platform. So, again, not worth talking about if you're going to work in such an unhelpfully absolutist context.
It's the computer security equivalent of saying "the sun is going to burn up and kill us all, so what's the point eve getting out of bed ?"
You apparently go by sheer quantity. And yes, on that scale you are correct, the 1000 or so compromised server machines a day don't even compare to the 100,000 or so compromised windos workstations.
The reason I am working on quantity is because that is the context of the discussion. There have been *at least* as many "quality" vulnerabilities in non-Windows platforms over the years (with the possible exception of OS X due to its relative youth and relative lack of presence in large enterprise environments).
And if you are looking for something specific (say, half a million credit card numbers) then servers are where you're going and remote code execution is what you're looking for, even though by pure quantity that is a minor vector.
And even then most server exploits are the result of users - sysadmins, in this case - being irresponsible, ignorant, or just plain negligent.
I seem to recall that nearly all of the major remote Windows exploits have been the result of either a) unpatched holes (when patches have been available for extended lengths of time) or b) admins not changing default passwords and/or configurations.
Numbers alone don't mean shit. At the very least, you have to take Numbers times Impact.
The Numbers when you're talking about (non-server) Windows machines are so relatively huge that they almost always outweigh any Impact measurements. Windows desktops outnumber every other type of machine by around 90 to 1. That's damn near *two orders of magnitude* greater Numbers (yet frequently, Slashdot posters insist that this massive difference is irrelevant). Similarly, Windows Servers - *especially* in the small & medium enterprise market, where the bulk of the industry is - are more common than anything else (I will agree that Windows's penetration into high-end environments is relatively small).
So, yes, while something like a huge multinational bank is a nice, juicy target, it also has a highly trained team of people watching its systems 24/7, *proactively* trying to identify and close down any potential vulnerabilities and reactively fixing any exploits extremely quickly. While the attractiveness of a target increases significantly with its size, I would argue (and it is my experience) that its ability to defend itself and respond to attacks increases much, much faster (regardless of platform). This reasoning also applies to - and is validated by - security in "meatspace" as well.
Just had a fully patched, Windows Fire-walled, Sophos Antivirused, IPSec-filtered WinXP SP2 box get hacked (lots of free french films). User uses Thunderbird for email. I'm still scratching my head about that one.
Does the user run in an Administrator account, or is able to execute code as an Administrator ?
Much of the issue would be resolved if Windows did not default to admin accounts, and if software more consistently worked in non-admin accounts.
Sadly, this isn't true. Very little - if anything - the typical piece of malware wants (or needs) to do requires elevated privileges. The only real reason running as a non-Admin works today is because so much malware is a badly written as so much other Windows software.
Not to mention, even those OSes defaulting to unprivileged users, still have a basically automatic facility wherein users can temporarily raise the privilege level of executing code. That in itself pretty much negates any advantage a regular user account offers to an ignorant/unskilled end user, because all a piece of malicious code needs to do to get elevated privileges is swap them for a candy bar.
I'm cautiously optimistic this will improve with time.
I'm not. Given the timeframe Vista's uptake is going to occur over, I'll be surprised if the move to non-Admin accounts has any measurable impact at all. By the time they're common, malware we have been suitably redesigned not to break in them.
NOTE: I still can't forgive OS X for making the same mistake -- OS X defaults to an admin account. This is really frustrating. Apple hasn't learned from, or worse yet has wilfully ignored, Microsoft's depressingly obvious mistake.
An admin is OS X is not the same as an admin in Windows. A closer (but not equivalent) analogy to a Windows Administrator user in OS X is 'root' (although 'root' has far more power over a unix system than Administrator does in Windows).
Lots of people on Slashdot seem to think non-Admin accounts are the silver bullet that protects other platforms from malware, and will finally rid Windows of it. Back (way back) in the good old days of Slashdot, I'd say that was because they mistakenly though their experience with large, managed, centralised multiuser systems had some relevance to the home desktop scenario. These days, I'm far more inclined to think it's a bunch of angst-ridden 16 year old kids who like to pretend they've got experience running a green-screen-serving business mainframe, turning over their BOFH Excuse Card every day and going <clickety-click> whenever someone asks them something, but who have never been closer to such an environment than a book (and still mistakenly believe it has relevance to unmanaged desktop PCs).
As long as uneducated users are able to make bad decisions about what software runs on their computers, the virus/adware/spyware/whatever problem will not be solved.
A truly secure OS wouldn't, by default, give the average user delete permission for every file on the PC.
Right. Because still being able to reboot is such a relief after having your life's worked wiped out by a virus.
A truly secure OS would discourage running as an Admin for routine tasks.
This is a matter of policy, not OS security.
A truly secure OS might not stop 14 year old Peggy-Sue from messing up her own files, but it should protect Peggy-Sue's dad from her virus-laden downloads (by default).
You haven't described anything Windows can't do. So I guess you're saying Windows is a "truly secure OS".
Yes, a lot of users are stupid. But if the vulnerabilities weren't there in the first place there would be far fewer problems.
You seem to be under the mistaken impression that most malware infections come from software vulnerabilities, when they in fact come from user error.
A user error and software vulnerability (assuming by which, you mean "bug") are pretty much mutually exclusive.
If Windows was as secure as OS X -- and sorry, Apple fans, it's not as secure as some other *nix distros -- a virus would be a rare thing simply because it wouldn't have anything to work with.
Right. So you're saying you can't download and run things on OS X ? Interesting claim...
Despite the stereotypes many would have you believe, there are a lot of Mac users who are just as clueless as the Windows user you're describing, but their systems haven't been compromised because the OS they're using isn't horribly insecure to begin with.
Their systems haven't been compromised because no-one is bothering to write viruses that only have a best-case scenario of infecting 1 in every 100 machines.
Patches aren't enough, the system needs to be built from the ground up with much higher security. [...] Never mind that they should've built a secure OS in the first place like practically everyone else did.
Windows has far more security in its design than OS X (and traditional unix). For a start, it doesn't have a superuser.
XP, which sits atop 2000, which sits atop NT, which sits atop Xenix (MS's attempt at Unix), can't be fixed. The relational diagrams look like spegetti. That is why Vista sits atop a whole new code base that looks like stacked blocks in a brick wall.
Wow. I don't think you could fit more errors into three lines...
The point is, if the OS was secure in the first place, antivirus/antispyware wouldn't be needed.
This meme is so ridiculously, incredibly, obviously *wrong* that I can't even comprehend how it was started, let alone how it continues to propogate. It doesn't even pass the laugh test for any tech-savvy user who has a shred of experience with end users.
Here's a hint: whether or not something is "malware" is a matter of opinion.
The devil is in the details. In this case, "most of the western world" would probably disagree quite strongly on a) what constitutes infringement, b) how long works should be protected for and c) what the punishments should be.
For example, I doubt you'd find many people who think downloading a song that gets played ten times a day on free to air radio should be considered infringement. Similarly, you will probably not find a lot of sympathy for media companies claiming to be "suffering" from copyright infringement in the face of ever increasing profits and ever decreasing product quality.
The only version of Windows available for the last ~5 years has been Windows NT. My assumption that Windows NT was what you were talking about, was quite valid.
You can make exactly the same arguments about unix & windows evolving, then getting a major overhaul in later years.
About DOS-based Windows, yes. About Windows NT, no.
(You see, I'm not a unix bigot, I'm just exposing you to be a windows bigot).
How, pray tell, have you done that ? By saying my prefectly reasonable assumption wasn't what you meant ?
I think you need to read up on your UNIX and Windows NT history. You might also want to stop throwing aroung words like "bigot" at people you don't know anything about.
If you actually read the white paper, you would know that it was talking about introducing things post windows 2000.
What things ?
If you'd actually read my comment you would have seen that nowhere did I say they could only be found in Unix.
If Windows is becoming "more like unix", as you state, then logically it can only be copying features from unix and not anywhere else.
If you'd actually read the conclusions you would have seen plenty of reccomendations to basically "make it more unix like".
Really ? Let's see:
Conclusion #1 suggests improving centralised, integrated management capabilities. Not only that, but it specifically states:
So, conclusion one not only disagrees with your assertion, but specifically suggests the opposite.
Conclusion #2 is about pricing.
Conclusion #3 is about improving the IIS configuration tool. It suggests the tool should be replaced by (based on the commentary in the whitepaper) by something more automatable. This is the only conclusion that could - just barely, if you squint the right way - be interpreted as suggesting an aspect of Windows (well, the bundled webserver) become more unix-like. That is, if you believe the only other place automatable configuration can be found is unix.
Conclusion #4 is simple common sense.
Conclusion #5 merely states that teaching unix users how to use Windows is difficult. Anyone who has tried to convince the average Slashdot troll that Windows 2003 really is different from Windows 3.1 could figure that out.
Conclusion #6 states that conversions need to be made easier and more automatable and that availability should not be impacted during the transition.
In short, I hope you're not a MS shill - because MS would be wasting their money on you (all you can do is play silling semantic games, rather then try to discuss something).
Heh. Someone making snide comments based on Windows != Windows NT is accusing me of silly semantic games...
I'll ask again, since you seem to be incapable of doing anything except insults, waving your arms and pointing to other people to backup your arguments, which features have come into Windows, from unix. I'll also point out, again, that for something to have "from from unix", it must be something that isn't present in other OSes (either past or present).
If there's so much stuff that recent versions of Windows have "stolen" from UNIX, as you keep implying, it should be simple for you to come up with ten non-trivial examples.
(What's particularly funny about your whole argument, is that, if anything, it's unix platforms which are becoming more like Windows in recent times. The real truth, of course, is that every platform is simply implementing their own versions of obvious improvements.)
Even the few people I know who backup, don't do it every second. So the last 8 hours you've spent writing that report are now wasted.
No matter how much sophistry people like you continue to spew, the simple fact is the user's data is *infinitely* more valuable that the system software. "Just restore from backup" is not a suitable solution.
"Policy" is an important part of OS security. Perhaps the most important part!
Policy is the purvue of users, not software.
You missed two important words. "By default"! Windows can, in theory, be somewhat secure, but out of the box, it isn't.
Funny, I thought we were talking about operating systems, not how people use them.
Again, your requirements for a "truly secure operating system" - apart from being worthless - Windows is already more than capable of meeting.
Actually it's more like a "beware of dog" sign.
When you don't have a dog.
A determined and skilled burglar will still be able to enter my house, but at least I won't have people entering through open windows.
It doesn't take much "skill" to get around a non-admin account if the user has the ability to elevate privileges.
I agree that Windows will always have a malware problem, even if Microsoft made it secure (and they still have a long way to go for that), but it can be reduced considerably, and non-Admin accounts is a big step in the right direction.
What exactly do you think they need to do to make it "secure" ?
Actually it only excludes user errors. Because user errors aren't something an OS can reliably do anything about.
Oh yes - and you don't want to restrict user access. You want to restrict unauthorized access.
And you question me about academic distinctions.
To the OS, there is no difference. All access == user access. The OS doesn't know whether "fred" really is fred, or if he's "CrashBurn" using fred's login.
I'm not so sure about that. OpenBSD has had one remote root (default install) or about a dozen (real-world setup) depending on how you count.
It's not hard to have a record like that when you don't actually *do* anything out of the box, and even "real world" setups are a tiny, tiny proportion of machines out there.
(Not that I have anything against OpenBSD - it's an excellent platform for border security - but that claim has always been rather empty in context.)
The reasoning might apply to every platform, but to varying degrees.
Your argument is because there *might* be unknown exploits, the platform cannot ever be considered secure. I fail to see how that argument does not apply to all platforms, *regardless* of their history.
see above. Unless, of course, you do what some liars^H^H^H^Hconsultants do and add up "Linux exploits" by adding up all of Debian, Redhat, Suse, etc. even though it's the same exploit.
When you take away all the Windows exploits that only worked in poorly configured and/or maintained environments, its security record is quite reasonable. This is the *only* way you can get even close to a reasonable comparison of OS security (and even then, the marketshare and user demographics make any sort of rational comparison impossible).
Well, yes. Sooner or later you always arrive at a human making an error. Until computers design, build, configure and administrate themselves that won't change.
Certainly, it always boils down to a human in the end, however, there is a qualitative difference between user ( or administrator) errors and programmer (OS) errors.
Most remote exploits - Windows or otherwise - are caused by poorly configured or maintained software. That is a *very* different class of exploit to a software bug.
The fact remains that some environments make it easier to make mistakes. Why do Windos machines get owned by the bucketload and Mac machines don't even though I wouldn't exactly say the average OSX user is more tech savy than the average XP user?
Because Windows machines outnumber OS X machines about 100:1. There are a lot of very important effects that this influences - which I will be happy to elucidate, if you want (most people just retort with "apache") - but that's what the view from 10000 feet essentially is.
Errmm... ... you haven't seen many banks from the inside, have you?
Banks, no. Similarly large environments, yes.
While will agree that in an absolutist sense, "large enterprises" have poorly run "security" departments, they're still streets ahead of smaller environments purely by virtue of their size. You *have* to have good technical staff just to keep large environment afloat and they inherently bring along with them substantially better protection against attacks, simply by virtue of noticing things that "aren't right" sooner - and being capable of fixing them.
Big targets are inherently more difficult to crack, and it is my experience that their difficulty increases much quicker than their attractiveness, except to people with "real" motivations like [industrial] espionage or the like - and in those sorts of situations, the software is unlikely to be the (primary) vector.
Which the majority of malware infections are *not* caused by.
Sorry, but the "install this to get cool cursors" and "run this attachment to see t3h b00bies" are still the most common vectors for malicious code.
If you were a 1337 script kiddie looking to get famous, would you rather write the 10,000th Windows virus that brings millions of PC's to a screeching hault, or be the first person in history to write a virus that brings millions of Macs to a hault?
You seem to be missing the point. When your uber-virus is only going to have a *best case* scenario of infecting 1% of machines, it's unlikely that it's going to spread particularly fast or far and get to that "million-mac" part before being stopped.
There's nothing in OS X that stops viruses (et al) being impossible or ineffective. There's simply no-one writing them. There's no-one writing them because the cost:benefit ratio is atrocious.
(Oh, how frequently I've been tempted to throw something together just so smug arseholes like you can get some egg on their faces).
Sure it does, only it's called Administrator, [...]
Administrator is not a superuser.
Do you understand what a 'superuser' actually is ?
[...]which most Windows users run as since Windows has piss poor priveldge escalation/separation.
Windows has more than adequate "privilege escalation/separation". The problem is developers writing bad software.
Well, when you're stuck in the rose-tinted mindset of "unix is the be-all and end-all of Operating Systems", that's about the attitude I'd expect.
UNIX has been hacked on by developers since the day it was first conceived. Apart from some very basic guidelines, it's a product of iterative implementation of a hobbyist sytem, not design. Which is why it had design flaws like a superuser.
By what measure is Windows NT not "designed" ? Have you read anything about its history ?
Errr right, I suggest you read this Microsoft whitepaper written in 2000. It points out a lot of problems with win2k found during the unix -> windows migration for hotmail. Many of the reccomendations are basically "make it more unix like" and many of them have been implemented in the time since.
The whitepaper (which I've read before) does not appear to support your assertion (although the part about UNIX administrators is unsurprisingly funny). I am curious, however, as to which of the 6 things listed in the conclusions you think are only previously found in unix (or even which things were new in Windows 2000 that can only be otherwise found in unix OSes).
Given that the submitter is talking about DSL, it's more than likely that physics is the limiting factor in performance, not the ISP.
DSL performance - especially high-speed DSL - drops off dramatically as distance from the exchange increases.
Note that when "eventually" is a timeframe measured in tens to hundreds of years, that's probably good enough for just about anyone.
It's a pretty reasonable bet, though. Steve Jobs is *infamous* for valuing his aesthetic opinions of a product over every other feature and imposing them on others (famous example: wanting to rearrange the circuitry inside the Apple ][ (I think it was) so it looked better).
1. It's not "insecure by design".
2. "Everyone else" has since gone on to do it as well, making the argument that it was done to "put a competitor at a disadvantage" rather shaky.
Probably because they wanted something that was designed better than unix (even calling unix "designed" in the first place is being fairly generous).
(after all every competing OS is unix-like & windows becomes more so with each release).
The only way Windows is becoming more like unix, is if your worldview starts and ends at Windows and unix. If anything, unix is becoming more like Windows.
At an *architectural level*, the design of Windows is excellent.
As the author mentions, much of what Microsoft does is "protecting users from their own stupidity". While this addresses security, it is not an effective solution to security problems.
Actually it is, because the vast bulk of "security problems" are caused by the users' stupidity.
While Microsoft has made some effective security changes at lower levels (services off by default, user vs. kernel space for drivers, an installer service that runs under a more appropriate security policy, etc) there is still a lot about the upcoming Windows that is architecturally flawed.
Like what ?
Instead of making design changes MS has elected to take the band-aid approach of trying to direct users away from pitfalls due to these architectural flaws (firewalls set to "maximum nag" mode, anti-virus to the hilt, "are you sure" dialogue boxes warning of potentially dangerous
Firewalls and antivirus software aren't protecting you from "architectural flaws".
While improvements in Vista will certainly reduce the frequency of serious, high-profile security incidents it'll be a slow reduction and many years before we are at an acceptable state of affairs.
I predict it will make SFA difference and Microsoft will continue to wear the blame for user ignorance and stupidity.
They're not "bolting it on", Windows NT *was* designed with security "in mind" from day one. Far better security than traditional unix, as well.
Why do you think it needs to be redesigned ?
For example ?
The lack of a stable Linux ABI has nothing to do with either RMS, DRM or "Freedom". It's Linus who doesn't want to commit to - and then be "restricted" by - a defined specification.
Indeed it is. Given the context of the discussion, I am interpreting it to mean "deficiencies in the technical capabilities of Windows with regards to restricting user access". I don't see how any other interpretation could be reached, nor worth having a discussion about.
And if you think you can safely run a Windows system in any environment (except one allowing no access at all, neither local nor remote) than you are betting the farm that despite a couple hundred root-level exploits having been found in the past there are no future ones.
Reasoning which applies to every platform. So, again, not worth talking about if you're going to work in such an unhelpfully absolutist context.
It's the computer security equivalent of saying "the sun is going to burn up and kill us all, so what's the point eve getting out of bed ?"
You apparently go by sheer quantity. And yes, on that scale you are correct, the 1000 or so compromised server machines a day don't even compare to the 100,000 or so compromised windos workstations.
The reason I am working on quantity is because that is the context of the discussion. There have been *at least* as many "quality" vulnerabilities in non-Windows platforms over the years (with the possible exception of OS X due to its relative youth and relative lack of presence in large enterprise environments).
And if you are looking for something specific (say, half a million credit card numbers) then servers are where you're going and remote code execution is what you're looking for, even though by pure quantity that is a minor vector.
And even then most server exploits are the result of users - sysadmins, in this case - being irresponsible, ignorant, or just plain negligent.
I seem to recall that nearly all of the major remote Windows exploits have been the result of either a) unpatched holes (when patches have been available for extended lengths of time) or b) admins not changing default passwords and/or configurations.
Numbers alone don't mean shit. At the very least, you have to take Numbers times Impact.
The Numbers when you're talking about (non-server) Windows machines are so relatively huge that they almost always outweigh any Impact measurements. Windows desktops outnumber every other type of machine by around 90 to 1. That's damn near *two orders of magnitude* greater Numbers (yet frequently, Slashdot posters insist that this massive difference is irrelevant). Similarly, Windows Servers - *especially* in the small & medium enterprise market, where the bulk of the industry is - are more common than anything else (I will agree that Windows's penetration into high-end environments is relatively small).
So, yes, while something like a huge multinational bank is a nice, juicy target, it also has a highly trained team of people watching its systems 24/7, *proactively* trying to identify and close down any potential vulnerabilities and reactively fixing any exploits extremely quickly. While the attractiveness of a target increases significantly with its size, I would argue (and it is my experience) that its ability to defend itself and respond to attacks increases much, much faster (regardless of platform). This reasoning also applies to - and is validated by - security in "meatspace" as well.
Does the user run in an Administrator account, or is able to execute code as an Administrator ?
Sadly, this isn't true. Very little - if anything - the typical piece of malware wants (or needs) to do requires elevated privileges. The only real reason running as a non-Admin works today is because so much malware is a badly written as so much other Windows software.
Not to mention, even those OSes defaulting to unprivileged users, still have a basically automatic facility wherein users can temporarily raise the privilege level of executing code. That in itself pretty much negates any advantage a regular user account offers to an ignorant/unskilled end user, because all a piece of malicious code needs to do to get elevated privileges is swap them for a candy bar.
I'm cautiously optimistic this will improve with time.
I'm not. Given the timeframe Vista's uptake is going to occur over, I'll be surprised if the move to non-Admin accounts has any measurable impact at all. By the time they're common, malware we have been suitably redesigned not to break in them.
NOTE: I still can't forgive OS X for making the same mistake -- OS X defaults to an admin account. This is really frustrating. Apple hasn't learned from, or worse yet has wilfully ignored, Microsoft's depressingly obvious mistake.
An admin is OS X is not the same as an admin in Windows. A closer (but not equivalent) analogy to a Windows Administrator user in OS X is 'root' (although 'root' has far more power over a unix system than Administrator does in Windows).
Lots of people on Slashdot seem to think non-Admin accounts are the silver bullet that protects other platforms from malware, and will finally rid Windows of it. Back (way back) in the good old days of Slashdot, I'd say that was because they mistakenly though their experience with large, managed, centralised multiuser systems had some relevance to the home desktop scenario. These days, I'm far more inclined to think it's a bunch of angst-ridden 16 year old kids who like to pretend they've got experience running a green-screen-serving business mainframe, turning over their BOFH Excuse Card every day and going <clickety-click> whenever someone asks them something, but who have never been closer to such an environment than a book (and still mistakenly believe it has relevance to unmanaged desktop PCs).
As long as uneducated users are able to make bad decisions about what software runs on their computers, the virus/adware/spyware/whatever problem will not be solved.
Right. Because still being able to reboot is such a relief after having your life's worked wiped out by a virus.
A truly secure OS would discourage running as an Admin for routine tasks.
This is a matter of policy, not OS security.
A truly secure OS might not stop 14 year old Peggy-Sue from messing up her own files, but it should protect Peggy-Sue's dad from her virus-laden downloads (by default).
You haven't described anything Windows can't do. So I guess you're saying Windows is a "truly secure OS".
You seem to be under the mistaken impression that most malware infections come from software vulnerabilities, when they in fact come from user error.
A user error and software vulnerability (assuming by which, you mean "bug") are pretty much mutually exclusive.
If Windows was as secure as OS X -- and sorry, Apple fans, it's not as secure as some other *nix distros -- a virus would be a rare thing simply because it wouldn't have anything to work with.
Right. So you're saying you can't download and run things on OS X ? Interesting claim...
Despite the stereotypes many would have you believe, there are a lot of Mac users who are just as clueless as the Windows user you're describing, but their systems haven't been compromised because the OS they're using isn't horribly insecure to begin with.
Their systems haven't been compromised because no-one is bothering to write viruses that only have a best-case scenario of infecting 1 in every 100 machines.
Patches aren't enough, the system needs to be built from the ground up with much higher security. [...] Never mind that they should've built a secure OS in the first place like practically everyone else did.
Windows has far more security in its design than OS X (and traditional unix). For a start, it doesn't have a superuser.
Wow. I don't think you could fit more errors into three lines...
How does this "secure" OS stop a user deleting all the files they have delete permissions to ?
Most malware doesn't not behave in a manner that makes is programattically distinguishable from a user.
This meme is so ridiculously, incredibly, obviously *wrong* that I can't even comprehend how it was started, let alone how it continues to propogate. It doesn't even pass the laugh test for any tech-savvy user who has a shred of experience with end users.
Here's a hint: whether or not something is "malware" is a matter of opinion.