In comp.os.linux.advocacy, Roy Schestowitz <newsgroups@xxxxxxxxxxxxxxx> wrote on Sun, 10 Dec 2006 06:13:28 +0000 <3698592.92NlptsCX5@xxxxxxxxxxxxxxx>:
> __/ [ Roy Culley ] on Sunday 10 December 2006 04:53 \__
>
>> Click, 'BBC's flagship new media and technology series', is on at
>> the moment.
>>
>> A poor Windows user asked if his ISP offered virus protection! Apart
>> from the windummie not saying what ISP he had so that they couldn't
>> say whether they did or not, what made me laugh was some of the
>> followup emails they received. Several MAC users stating they didn't
>> need any anti-virus SW.
>>
>> With the recent 0-day exploits targeting Windows SW no anti-virus
>> SW will help.
>
>
> They won't be having a very merry Christmas. Same as last year (sysadmins'
> worries about the 0-day WMF flaw/s).
>
>
>> Windows: insecure by design and probably always will be.
>
>
> Links:
>
>
> Microsoft Windows: Insecure by Design
>
> http://www.washingtonpost.com/ac2/wp-dyn/A34978-2003Aug23?language=printer
>
>
> If Only We Knew Then What We Know Now About Windows XP
>
> ,----[ Quote ]
> | You can think of Windows XP as a house with a second floor built of
> | spackle, wood filler and duct tape.
> `----
>
> http://www.washingtonpost.com/wp-dyn/content/article/2006/09/23/AR2006092300510.html?nav=rss_technology
>
The *second* floor?? I think the foundation was built
out of wood....
>
> Why Windows is a security nightmare.
>
> http://www.smh.com.au/articles/2004/05/21/1085120110704.html
>
Interesting starting sentence:

    Security in all mainstream operating systems is non-existent;
    however, things are especially bad for Windows.

Thanks a *lot*, Mr. Latif. :-P Now you've lumped in Linux
with that other ... stuff. (To be fair, non-selinux
Linux would fare about a C2 at best on the old Orange
Book scale, and an EAL4+ on the new one [I don't know
where selinux would fit in because I've not tried it].
This isn't horribly secure although it's better than
leaving one's homewares next to a major city intersection,
which is about what Windows does if left unpatched on the
WAN for more than about 5 minutes.)

Another paragraph is interesting:

    A few months later Windows Explorer started to hang
    when right clicking on folders. I did my best to
    search for a solution to this problem on the internet,
    but never managed to find one. Resigned, I eventually
    learned to avoid right clicks on folders, and became
    adept at killing and reinvoking the explorer process
    after an inadvertent forbidden click.

This after swearing off reinstalls to ward off bit rot. And then the
system proceeds to force him to do so anyway!

    Finally, I had the bright idea of downloading
    a registry cleaner to fix things. The product I
    downloaded turned out to be some pathetic crippleware,
    and I uninstalled it. Well, that was the fatal fatal
    mistake; the next time I rebooted, Windows refused to
    load. Safe mode, last known good configuration, etc.,
    all failed, and so I was forced to do a clean install.

But I forgive him for his conclusion:

    Overall, Microsoft is flat-out confused about how
    to deal with Windows security problems. The recent
    decision to disallow pirates access to Windows XP SP2
    is another action reflective of that confusion. I
    can't understand why Microsoft is so jittery about
    supporting pirates. Microsoft's paying customers
    are suffering because of insecure Windows systems;
    therefore, Microsoft's first priority should be to
    get the worm infected systems fixed. If this requires
    distributing security updates to pirates, so be it.

    Microsoft really needs to look beyond short-term
    remedies to solve security problems. The company
    has to move away from its Windows roots in order
    to create a secure operating system environment.
    Microsoft has a huge research and development budget,
    and it just doesn't make sense why it cannot develop
    a security-centred OS.

Cheer up, Mr. Latif. There is an alternative. :-)
A very good one, in fact.
>
> The Structural Failures of Windows
>
> http://www.theinquirer.net/default.aspx?article=15305
Interesting perspective, that.

    Summary number five: Microsoft thought of networking as
    an afterthought. Provoked by competition, they invented
    their own way of thinking from grafted parts of what
    worked elsewhere. Focus was on the distributed desktop,
    and even Microsoft was caught unawares by their own
    networking growth. Industrial software partnerships
    were never their strength-- but hardware ones drove
    their market penetration.

(there's a number of others, but this one's a good one.)

And finally...

    Microsoft won't stick its neck out and kill Windows with Longhorn,
    nor will they cannibalize their revenues making the world wait for
    Longhorn or a re-write of Windows. Instead, we'll all be using the
    prophylactics of a firewall system on both desktops, servers,
    mobiles/PDAs, and so on. The cure is the prophylactic, not the cure
    for the weaknesses themselves. Look for increasingly smarter
    prophylactics rather than core cures.

    And so, we'll live with Windows legacy for a long time, perhaps,
    unless we change over to something else. My 'something else' is
    Darwin BSD running in disguise underneath the Macintosh's OS/X.
    Finally, someone had the guts to release a possible virus for OS/X.
    I eagerly look forward to more--just to keep me on my toes. µ
>
>
> Security Report: Windows vs Linux
>
> ,----[Executive summary ]
> | Finally, we also include a brief overview of relevant conceptual
> | differences between Windows and Linux, to offer an insight into why
> | Windows tends to be more vulnerable to attacks at both server and desktop,
> | and why Linux is inherently more secure
> `----
>
> http://www.theregister.co.uk/security/security_report_windows_vs_linux/
>
>
> Study: Billions of dollars spent on security
>
> ,----[ Quote ]
> | Large U.S. businesses will spend $61 billion on security by the end
> | of this year, representing 7.3 percent of total IT budgets in the
> | country, according to a new report from Info-Tech Research Group.
> `----
>
> http://news.com.com/2110-7350_3-6135989.html?part=rss&tag=2547-1_3-0-20&subj=news
>
Ah, and that's where the crux is. After all, why fix
the problem when one can create an entirely new bandaid
industry by just a few tweaks?
>
> US lost $8 billion to computer crime
>
> ,----[ Quote ]
> | Consumer reports' latest "State of the Net" survey has revealed that
> | US punters lost more than $8 billion over the last two years to
> | viruses, spyware and con tricks.
> ` ^^^^^^^^^^^^^^^^
>
> http://www.theinquirer.net/default.aspx?article=33554
Apparently, 'punter' is a synonym for gambler or someone
betting against the house. Nice thought.
>
> Best wishes,
>
> Roy
>
--
#191, ewill3@xxxxxxxxxxxxx
/dev/signature: Resource temporarily unavailable
--
Posted via a free Usenet account from http://www.teranews.com