Home Messages Index
[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index

[News] Why UNIX-type Systems Are Inherently More Secure

The Myth of Apple's Insecurities

,----[ Quote ]
| Microsoft OSes began with no security. Windows 95 through ME had
| varying levels of front-end password-based security bolted on at
| some point, but it was hardly layered through the entire OS like
| UNIX. They weren't multi-user environments so interprocess security
| wasn't seen as an issue, and remote exploits were all over the place
| since they weren't built for network use. 
| 
| [...]
| 
| As Henry Spencer said, "Those who don't understand UNIX are
| condemned to reinvent it, poorly."
`----

http://weblog.infoworld.com/venezia/archives/011187.html


Related:

Despite Vulnerabilities, Apple's Mac OS X Weathers The Security Storm

,----[ Quote ]
| I still think the Mac is safer than Windows. It has a reduced
| threat environment. 
| 
| [...]
| 
| Marius van Oers, a virus research engineer at McAfee, posted a blog last
| week that showed there are more than 236,000 pieces of malware "in the 
| wild." The vast majority are aimed at the Windows environment. Only about 
| 700 are meant for the various Unix/Linux distributions, van Oers wrote. How
| many are for the Mac OS X platform? Seven or less, he said, calling
| the threat "pretty much non-existent at the moment."
`----

http://news.yahoo.com/s/cmp/20070331/tc_cmp/198701479;_ylt=A9G_RwQ7URBGdGkAoQAjtBAF


2006 Operating System Vulnerability Summary

,----[ Quote ]
| As far as "straight-out-of-box" conditions go, both Microsoft's
| Windows and Apple's OS X are ripe with remotely accessible
| vulnerabilities.
| 
| [...]
| 
| The UNIX and Linux variants present a much more robust
| exterior to the outside. Even when the pre-configured server
| binaries are enabled, each system generally maintained its
| integrity against remote attacks.
`----

http://www.omninerd.com/2007/03/26/articles/74


Linux vs. Windows: Which is Most Secure?

,----[ Quote ]
| True to UNIX.
| Qualitative score: Windows gets a D+ while Linux gets an A-.
| "Bummer of a birthmark"
| Qualitative score: Windows gets an F while Linux gets an A.
| User data confidentiality.
| Qualitative score: Windows gets a B- while Linux gets a B+.
| Patch practices
| Qualitative score: Windows gets an A- while Linux gets a B+.
`----

http://www.esecurityplanet.com/views/article.php/3665801


Linux Security: A Big Edge Over Windows

,----[ Quote ]
| Linux is better at locking down a computer than Windows. The Linux OS
| uses configuration settings and user permissions to a much more
| efficient degree than the Windows administrator account. To do
| this, non-enterprise users should seek help from third-party
| security suites that serve as configuration managers, James
| Bottomley, chief technology officer of SteelEye Technology said.
`----

http://www.linuxinsider.com/rsstory/54742.html


Security Report: Windows vs Linux

,----[Executive summary ]
| Finally, we also include a brief overview of relevant conceptual
| differences between Windows and Linux, to offer an insight into why
| Windows tends to be more vulnerable to attacks at both server and desktop,
| and why Linux is inherently more secure
`----

http://www.theregister.co.uk/security/security_report_windows_vs_linux/


The problems with Vista laid bare - What might have been

,----[ Quote ]
| ...the trick that XP misses is that you must compel all ordinary
| users to have restricted, non-admin accounts. You make it impossible
| - or at least really hard - for normal accounts to have super-user
| powers. Ordinary users can see their own files, but not each other's 
| or the protected ones of the OS itself, and they can't touch anything
| that might cause problems.
| 
| [...]
| 
| It's never going to happen now - it's too late for Vista, and after
| this, there will probably never be such a big change in Windows again,
| until it's replaced with something new.
| 
| But here's a fun thought. What if Microsoft were held legally
| responsible for all those vulnerable, insecure Windows
| installations out there? 
`----

http://www.theinquirer.net/default.aspx?article=38419


Why Windows is less secure than Linux

,----[ Quote ]
| Windows is inherently harder to secure than Linux. There I said
| it. The simple truth.
| 
| Many millions of words have been written and said on this topic.
| I have a couple of pictures.
`----

http://blogs.zdnet.com/threatchaos/?p=311


Linux more secure than Windows, national survey shows

,----[ Quote ]
| In its first annual Security Issues Survey for the debut of the Software 
| Security Summit conference in La Jolla, California, BZ Research polled 
| 6,344 software development managers about the security of different popular 
| enterprise operating environments and Linux and open source consistently 
| topped Microsoft Windows, according to respondents.
`----

http://www.xomba.com/linux_more_secure_than_windows_national_survey_shows


Microsoft Windows: Insecure by Design

http://www.washingtonpost.com/ac2/wp-dyn/A34978-2003Aug23?language=printer


If Only We Knew Then What We Know Now About Windows XP

,----[ Quote ]
| You can think of Windows XP as a house with a second floor built of
| spackle, wood filler and duct tape.
`----

http://www.washingtonpost.com/wp-dyn/content/article/2006/09/23/AR2006092300510.html?nav=rss_technology


Why Windows is a security nightmare.

http://www.smh.com.au/articles/2004/05/21/1085120110704.html


The Structural Failures of Windows

http://www.theinquirer.net/default.aspx?article=15305


The feds weigh in on Windows security

,----[ Quote ]
| "The benefits of this move are enormous: Common, secure configurations
| can help slow botnet spreading, can radically reduce delays in patching,
| can stop many attacks directly, and organizations that have made the
| move report that it actually saves money rather than costs money,"
| Paller wrote.
`----

http://news.zdnet.com/2100-1009_22-6172158.html


Windows animated cursor flaw--150 sites infected

,----[ Quote ]
| There's a new Microsoft Windows vulnerability being exploited
| across the Internet on over 150 Web sites. The vulnerability is
| caused by an unspecified error in the way Windows 2000, XP, and
| Vista handles animated cursors.
`----

http://news.zdnet.com/2100-1009_22-6172440.html


Microsoft Patches Not One, But Three Vista Holes

,----[ Quote ]
| Microsoft today released an update for the recently popular 'animated
| cursor' vulnerability. The update was originally scheduled for April
| 10th, but due to recent exploits, was rushed out today. The update
| wasn't just for this one vulnerability though, in Vista, it addressed two 
| others, and in all covered seven vulnerabilities in Vista, XP and
| 2000.
`----

http://itsvista.com/2007/04/microsoft-patches-not-one-but-three-vista-holes/


Insecure when run on Vista, thanks to symbolic links

,----[ Quote ]
| I was surprised to learn a few weeks ago that Vista added symlink support
| to Windows. Whereas I found people rejoicing at the new feature, I
| anticipate with dread a number of vulnerability announcements in
| products that worked fine under XP but are now insecure in the
| presence of symlinks in the file system.
`----

http://www.cerias.purdue.edu/weblogs/pmeunier/general/post-85/


Why is Microsoft hell-bent on ruining its reputation?

,----[ Quote ]
| Microsoft had multiple chances to release a patch for the ANI
| (Animated Cursor) Exploit in the months of January, February,
| and March but failed to release any patches for the vulnerability
| that was originally disclosed privately to Microsoft on December
| 20, 2006. Now we're getting an emergency patch today, one week
| before the regular patch cycle, and Microsoft seems to think
| that this is a success story on its "quick" response to this
| zero-day exploit.
`----

http://blogs.zdnet.com/Ou/?p=460


Hackers offer subscription, support for their malware

,----[ Quote ]
| And many exploit providers simply wait for Microsoft's monthly
| patches, which they then reverse engineer to develop new exploit
| code against the disclosed vulnerabilities, Ollmann said.
| 
| "All you've got to do is just subscribe to them on a monthly
| basis," Ollmann said. "The going rate is about $20." 
`----

http://www.computerworld.com.au/index.php/id;838771320;fp;16;fpid;0


Experts say Microsoft should consider change in patching process

,----[ Quote ]
| Several security experts criticized Microsoft this week for not
| releasing a fix earlier for the Windows ANI flaw, calling for the
| company to reassess the way it handles critical patches.
`----

http://www.scmagazine.com/us/news/article/649115/experts-say-microsoft-consider-change-patching-process/
http://tinyurl.com/2felu2


6 Patches on Critical Update for Windows XP: KB925902

,----[ Quote ]
| It wasn't just for this one vulnerability for XP, it addressed five
| more, and in all it covers seven vulnerability for 2000, XP SP2,
| Server 2003, and Vista.
`----

http://donalyza.wordpress.com/2007/04/04/6-patches-for-critical-update-for-windows-xp-kb925902/
http://tinyurl.com/yt7y95

[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index