Linux and Windows Security Neck and Neck 512
Linurati writes "According to vnunet.com, Linux and Windows are neck and neck when it comes to security, but 'misleading figures and surveys are muddying the waters.' The article lays blame on both sides for the misleading information." From the article: "...Microsoft had made real progress on security in the past two years, but that the increasing number of Linux enthusiasts coming into the market would help the open source alternative in the long run."
haha (Score:4, Funny)
Now THATS security for you!
Re:haha (Score:3, Interesting)
I think the understated thing here is the severity of the typical break in though.
In windows most users install and run as administrator, they can do pretty much anything. Thus even small application security holes result in someone being able to completely obliterate the machine.
In unix most people install as root and run as an individual user. Thus most security holes unix has are relatively minor at worst executing the resultant code as the user who it is currently running as...
Advancements in FUD everywhere (Score:2, Interesting)
Funny, last month people told me it was better. The only quote in the article talks about linux' advantages. Erm. Something's missing.
In related news... (Score:4, Funny)
Re:In related news... (Score:5, Funny)
You know, a Fiat takes a hell of a lot more maintenance than a new Honda Civic, but it's also a hell of lot more fun to drive when it's working.
Re:In related news... (Score:3, Funny)
The fun part is wondering where you're going to get stranded next.
Re:Advancements in FUD everywhere (Score:5, Insightful)
But I agree with the parent -- advanced psychology-based FUD is a growing science.
Re:Advancements in FUD everywhere (Score:2)
Kinda like scientology? All the "cool" people are doing it!
Re:Advancements in FUD everywhere (Score:3, Informative)
Re:Advancements in FUD everywhere (Score:4, Informative)
Riight. Like this? [com.com]
Go on, pull the other one. Windows is just as leaky as it's ever been.
Re:Advancements in FUD everywhere (Score:4, Informative)
Go on, pull the other one. Windows is just as leaky as it's ever been.
no, like this [securityfocus.com]
oh, and btw, microsoft offered has had a fix [microsoft.com] for those issues for at least a week now.
Re:Advancements in FUD everywhere (Score:4, Interesting)
I'm getting tired hearing this false argument over and over. To run something in Linux that can potentially damage the system you need to log in as root. To run a virus you need to submit root password which is pretty different from what happens in Windows (by the way can you run Windows as restricted user? Many programs just refuse to work, I think that restricted user account is useless, most of the people I know run Windows as Administrator, only that and makes a big difference.)
Remember also that Linux has a big share on servers, and still there are not as many worms like Red Code and alike that bug Windows.
I still have to see ONE virus that successfully replicates in Linux environment. ALL the viruses that exist are lab viruses and they exploit holes that were patched long time ago. Or the type of viruses/worms that come in e-mail and say "please install me" but that doesn't count.
Re:Advancements in FUD everywhere (Score:3, Informative)
Yes you can run as a restricted user. I've run that way on my home machine for months now. There are a few program that I've had trouble with but overall it works.
My day job is with a software company and I can guarantee you that there are a lot of people running as restric
Re:Nice straw man arguement, check your assumption (Score:4, Insightful)
Uh, the parent poster never concluded Windows has more serious flaws.
I can understand *YOU* could jump to the conclusion that people think Windows is less secure than Linux (because a lot of people have that personal experience)
But for all we can tell the parent posting that you flamed may have been suggesting that Linux had more serious flaws than Windows (as laughable as that sounds; considering most online brokerages are linux/apache according to netcraft; and most all the Department of Homeland Security sites are either Linux/Apache or Unix/Apache).
More likely he was just making an observation that often journalists falsely jump to conclusionsn that when two things have some risk, that they have equal risk.
Re:Advancements in FUD everywhere (Score:3, Insightful)
Realisticly, it's not just the number of vulnerablities that an operating system or program has, but also how the creator deals with them. There will always be bugs, and we should thus judge software creators not only by how few bugs they have, but also by how quickly they respond to bugs.
ttyl
Farrell
I concur (Score:4, Funny)
I think linux actually has an edge... (Score:5, Informative)
I think there are two main factions here, and the answer for what constitutes better security has slightly different context with significantly different results.
For all of these people their machines are ticking time bombs, and I'm usually the one who gets the call when their world of computer technology explodes. This by itself is reason enough to consider other technologies where by default they are secure. For example, Apple does a good job (not perfect) of making their machines secure... I won't go into great depth -- I'm not a heavy Mac user.
Also, linux by default comes out of the box with decent security. Even if users do try to just use, e.g., KDE an root only, they (as I recall) have to fight off the big red screen background, kind of like the enunciator lights and bells in cars when you don't fasten your seat belts.
So, in the lay community, though Windows carries the popular vote, I think linux out of the box is by far the more secure and safe way to go.
Re:I think linux actually has an edge... (Score:2, Interesting)
2) The obession with the omnipotence of root comes from the days when all Unix use was multi-user. On a typical Linux desktop, the access a user already has is far more dangerous than anything he could do under root.
3) Please stop saying "boxen".
Re:I think linux actually has an edge... (Score:3, Interesting)
Comment removed (Score:4, Insightful)
Re:I think linux actually has an edge... (Score:5, Interesting)
Re:I think linux actually has an edge... (Score:3, Interesting)
For a similar example, we use one vendor's Anti-Virus product on the desktops and another for the servers.
It's called defence thru depth.
Re:I think linux actually has an edge... (Score:3, Informative)
This Cisco link [networkworld.com] is a bit of a stretch, but there are lots of other examples where you are correct, like:
Watchguard [watchguard.com]
Image Stream [imagestream.com]
LinkSys [linuxforum.com]
and others like Astaro, SnapGear, D-Link, SofaWare... [linuxdevices.com]
Re:I think linux actually has an edge... (Score:5, Insightful)
Re:I think linux actually has an edge... (Score:5, Informative)
While this might be true
Even things that SHIP WITH WINDOWS are prone to oversight which tells me one thing (and has been second'ed but not necessarily confirmed on
So is it any wonder that people DON'T do this? Its one thing to have a slight PITA factor when installing apps (as you can't simply say "hey here is my administrative level password
From my professional experience setting up a "secure" windows environment -- there is a LOT of use of filemon, regmon and other tools to basically guess as to why apps fail and make the environment slightly more insecure so these apps can run (ie provide user write permissions to system registry nodes or certain file system areas)... even then, my success is quite low given the extremely LARGE amount of data that is spewed from these apps (not to mention certain apps that cause the said apps to close so they can't capture the data (piracy checking??))
anyways.. its not even close to a reality. The mindset of programmers, developers, managers and microsoft is still NOT high on restricted user rights security and it is VERY apparent.
Is it better? sure.. but its still not even CLOSE to being as good as on the *nix side even AFTER well over a decade since NT debuted.. fun.
Re:I think linux actually has an edge... (Score:4, Interesting)
Well, I run into the non-admin option problem on Win boxes...as an Oracle DBA. Our SA's on the Sun boxes can easily create accounts for us with all the privs we need to install software, and admin. things on the box...they can let us sudo control things like Apache webservers (with Oracle iAS products..yup, gotta play with webservers too)...
However, on windows...well, latest restrictions can't allow them to give us local admin on the boxes...and apparently windows cannot be tuned in a granularly sufficient manner to give us what we need to do on the box. We have to now get an SA to log us in, and baby sit us while we do something as simple as a quarterly Oracle security update patch. A waste of money and time. Why can't MS get the security level thing right?
Trust me...as the project managers see what a PITA this is becoming and what a waste of time and $$'s...they are now listening to us, and we will NOT be getting any more Win. boxen to run server applications on. Is a pain to live with now, but, at least it has finally give the PHB's a reason to listen to us about staying with Unix, and trying Linux.
Re:I think linux actually has an edge... (Score:3, Interesting)
Yes, theoretically Windows has better security than any Unix-a-like, with its ACLs and finer-grained user permission levels.
In actual practice, any scheme in managing ACLS that is any more complex than Unix' UGO permissions tends to be an administrative nightmare, so many Windows admins don't even try it.
And as for finer-grained user access levels, if I do a ps aux on my Linux box, I see several different UserIDs running system processes. On my XP workstation at work, a decently locked down system, I see
Re:I think linux actually has an edge... (Score:3, Insightful)
As other people have pointed out in replies, a non-root user can still hose the part of their system that counts: all their data. But let's imagine a nice future with SELinux or equivalent systems in place, good base policies, and good tools for maintaining t
Re:I think linux actually has an edge... (Score:3, Insightful)
I presume that's the firewall? Think of SELinux as a firewall built into the kernel that mediates access between processes and resources: everything on the system can be vetted for access to all the resources (files, network access, what have you) in as fine a grained way as you desire.
I agree that program and role based security could
Re:I think linux actually has an edge... (Score:3, Insightful)
What was compared?
Linux servers vs. Windows servers - this is an issue here because Linux has some security problems (not that Windows hasn't) - there had been lot of holes in kernel (Linux) recently. But I don't really recall any mass histeria with Linux servers getting infected and DDoS entire country (Korea that was?) from Internet. There are some holes in f.e. Apache (but as I recall not serious ones - like exploitable in specific configurations - far more fr
Re:I think linux actually has an edge... (Score:5, Funny)
2005: "Longhorn will fix this."
2001: "XP will fix this"
1999: "Windows 2000 will fix this"
1996: "Mission accomplished! NT fixes this. We've got C2 certification!"
1994: "Windows NT will fix this"
Re:I think linux actually has an edge... (Score:3, Informative)
There's also stuff like firewalls and anti-virus software. If you're always running as 'root', then a trojan can kill those processes off and replace them with something else. A lot harder to do if you yourself are not allowed to kill your AV process for instance.
And if you're running an outgoing firewall
It's all IE's fault (Score:5, Insightful)
Not using IE and using Firefox instead almost completely secures an up-to-date Windows box. Get rid of IE, get rid of 90% of Windows' security problems.
Re:It's all IE's fault (Score:2)
Untrue. Other common vectors are:
1. Documents with embedded Macro viruses.
2. False email attachments
3. RPC Vulnerabilities
4. Buffer overflows on network services (e.g. IIS)
Re:It's all IE's fault (Score:2, Informative)
Re:It's all IE's fault (Score:2)
Re:It's all IE's fault (Score:5, Informative)
1. Documents with embedded Macro viruses.
Haven't seen one of these in *years*. All office versions since 2000 have made major steps to reduce malicious code in documents, and they were few and far between in the first place.
2. False email attachments
There's been a huge upsurge lately in server side virus scanning for email, and you just don't see a lot of spyware in email.
3. RPC Vulnerabilities
Not really since windows 2000.
4. Buffer overflows on network services (e.g. IIS)
How many XP machines do you see with IIS?
Honestly, though there may be a higher percentage of vulnerabilities in other products, the VAST majority of actual infections happen b/c of IE. No IE, no spyware.
The number 2 cause of infections on end user machines I would say is the "Click here to download and install the RAD SCREENSAVER OF THE MONTH" bug, or the "Click here to get (spyware supported) WEATHER REPORTS, FREE FREE FREE ON YOUR TASKBAR" bug.
Re:It's all IE's fault (Score:3, Informative)
They were anything *but* few and far between. Back when I worked at a help desk, we had an Excel virus that had been prevalent in the company for YEARS. Every so often someone would give us a call and say that all the info had been wiped from their Excel spreadsheet. And that's despite the fact that Norton Anti-Virus was bloc
Can't have it both ways (Score:3, Interesting)
Which, Microsoft insists, is an integral and inseparable part of the OS.
Microsoft can't say on the one hand that IE is part of Windows, and then on the other hand claim that IE vulnerabilities don't count as Windows vulnerabilities.
Maybe for servers... (Score:3, Insightful)
(Granted, most people who use Linux at home are knowledgeable enough to keep even a Windows machine safe.)
Re:Maybe for servers... (Score:5, Funny)
Re:Maybe for servers... (Score:3, Insightful)
More users != more secure (Score:3, Insightful)
I'd say this is precisely the other way around. More users equals bigger target and more potential fuck-ups.
Re:More users != more secure (Score:3, Insightful)
Here, more users = more developers = larger bazaar = more people working on security = better security
Re:More users != more secure (Score:5, Insightful)
Better security comes from better coding practices, the use of languages that are not as vulnerable to exploits, and the use of technology to avoid such exploits.
Now, the fact still remains that such a model fairs far better than that used by Microsoft, for various reasons. But your model of the bazaar is too simplified. It fails to take into account some very important factors, like code and coder quality.
Re:More users != more secure (Score:3, Insightful)
Here, more users = more developers = larger bazaar = more people working on security = better security"
You forgot that more users -> more hackers trying to circumvent security. And they will succeed.
Logical Fallacy (Score:3, Insightful)
The whole "windows gets infected more because more people are targeting it" argument doesn't hold up - otherwise, apache would have more security problems than IIS.
LUA (Score:2, Informative)
Re:LUA (Score:2)
For example ?
/Running as a regular user for nearly 10 years...
Independent Funding? (Score:2, Insightful)
Why can't they figure this out.. (Score:5, Insightful)
Re:Why can't they figure this out.. (Score:2)
This is one of the most insightful posts about that topic ever. I've read thousands of articles and posts regarding Linux vs. Windows security, but all the "studies" are seriously flawed in the way described by the parent post.
Re:so they're omitting the IE ones? (Score:3)
Absolutely zero-calorie article... (Score:4, Informative)
yawn...
Just as safe? (Score:3, Insightful)
Check slashdotter miss the point (Score:2, Interesting)
"My hunch would be that Linux still has the edge but it's difficult to tell with all this misleading information being pumped out."
FUD is FUD, and its being given by both side. It happenned in the C64 vs Mac, Mac vs PC, Nintendo VS Sega, XBOX vs PS2 wars, and will continue to happen in everything where nerds is involved.
Those wars are Nerd's answer to woman staffed clothes store.
MIT & CMU can do a reliable study. (Score:5, Funny)
They have a herd of poorly paid but diligent slaves (a.k.a. graduate students studying for a Ph.D.). They do excellent work in voluminous quantities and would surely produce an accurate analysis of Linux versus Windows.
Re:MIT & CMU can do a reliable study. (Score:3, Funny)
Don't forget the guys over at UCal Berk--oh, wait.
12 Min (Score:2, Interesting)
Re:12 Min (Score:2, Informative)
It lasted about four seconds.
Neck and neck? Pffft. (Score:5, Insightful)
I don't know of any person with a Windows box who will hand out an admin account, but there are Gentoo Hardened devs who hand out root on their SELinux test rigs. Why? Because the system is secure enough to hand out root.
Re:Neck and neck? Pffft. (Score:2)
Now, go ahead and mod me down.
Re:Neck and neck? Pffft. (Score:3, Interesting)
Link to ad-free article (Score:2)
Clicky for printer-friendly version. [vnunet.com] It will probably try to print the page as well.
PS The 'perma-link' option does not appear to work yet.
Um....microsoft + claria (Score:2, Insightful)
Yeah, thats real believable considering Microsoft is holding hands with Claria... [slashdot.org]
--
Check out the Uncyclopedia.org
The only wiki source for politically incorrect non-information about things like Kitten Huffing [uncyclopedia.org] and Pong! the Movie [uncyclopedia.org]!
Studies schmudies (Score:4, Insightful)
More importantly, which distribution? Windows comes with f*cking notepad and Solitaire. Linux distributions typically come with an order of magnitude more applications.
I'm on the Gentoo Security Mailing List. I get a few messages each day about vulnerabilities in software. Is each of these a ding on Linux? No, certainly not... it's a piece of software that happens to be available via portage.
If they want to be fair, then every ding on every Windows application counts against Windows.
More importantly, why the hell does every one of these boneheaded articles make it on the front page of Slashdot? Just helps spread the FUD.
For the server or for the desktop? (Score:5, Insightful)
Where Windows still falls down security-wise is on the desktop, where the combination of a vulnerable browser/Office Suite along with the fact that the de facto standard way for desktop users to set up their accounts is with administrator priviledges. That turns what would be a non-existant threat on the server (you shouldn't be doing general surfing or office work on a server) into a major issue. Microsoft has made feeble attempts to encourage users and developers to use limited accounts, but the fact remains that reconfiguring poorly written software to work in a limited account is a major headache that the average desktop user is not willing to put up with.
Microsoft also falls behind [most] Linux systems in that the majority of the software on a Linux box can typically be updated from a single tool (apt-get, yast, urpmi et al) while Windows Update only covers the core OS. Microsoft does have a better system in the works, but that will still only cover MS software.
Neck and Neck? Who's neck? (Score:3, Insightful)
One of the things you will notice, is that not all Operating Systems are created equally.
Windows XP is here
http://secunia.com/product/22/ [secunia.com]
and Redhat 9 is here
http://secunia.com/product/1343/ [secunia.com]
With the biggest difference being in HOW CRITICAL THE SECURITY DEFECTS ARE and HOW MANY ARE STILL UNPATCHED
Funny, that...
Windows and Linux neck and neck? Not according to these numbers.
Re:Neck and Neck? Who's neck? (Score:3, Informative)
Linux Security and patches (Score:2, Interesting)
Who is the trusted authority?
I'm not the type of guy to bash Microsoft, but I must say I was quite surprised when spyware of some sort infected IE on a fresh and updated install of WinXP. www.google.com was redirected to another site offering spyware removal (What a joke)
Perhaps we should recall yesterday: (Score:2, Interesting)
Studies show that there is a one in three chance this is BS, and a 100% chance we'll see this artical written over and over again in the favor of one or the other. The difference is, the Microsoft are usually the only ones to write articals in which they look better than linux. Perhaps things really are changing.
When and if... (Score:2, Interesting)
Maybe (Score:2)
Not the only thing that Ovum has said (Score:2)
And: "The Common Object Request Broker Architecture (CORBA) is a "doomed" technology that has no hope of matching Microsoft Corp.'s Distributed Common Object Model (DCOM), according to a new report on middleware. "http://www.computerworld.com/news/1997/story/ [computerworld.com]
Win Real Time! (Score:3, Funny)
It's just like a treasure hunt, except you win back the time it would take you to read the article.
The winner is the first to find the word in the following URL that suggests the value of the article it links to:
http://www.vnunet.com/vnunet/news/2139790/surveys
Give me a break! (Score:3, Interesting)
Pure FUD (Score:4, Interesting)
1. Compare WinXP operation system to the whole distribution is stupid.
2. Where from the heck those viruses spread ?
3. Look the secunia lists (www.secunia.com)
WinXP Pro (only OS):
Unpatched 21 of 84 total
Etremely or Highly Critical 30 of 84 total
Remotely exploited 52 of 84 total
Debian Sarge (OS and many, MANY, applications!):
Unpatched 10 of 26 total
Etremely or Highly Critical 4 of 26 total
Remotely exploited 18 of 26 total
Re:Pure FUD (Score:3, Informative)
The respective (2003..2005) results for the Debian Woody, which has been out for nearly three years:
Unpatched 1 of 488 total (read this line twice)
Etremely or Highly Critical 30 of 84 total
Remotely exploited 52 of 84 total
You didn't know that the Woody is one of most secure distros available.
The actual reason to worry is NOT the amount of vulnerabilities but their severity and how long it takes them to be fixed. Microsoft often names vulnerabilities as "seveval bugs in
Re:Pure FUD (Score:3, Informative)
The ~25% unpatched monthly stat is horrific.
What if.... (Score:3, Insightful)
IMO Most of "Windows" issues are users: downloading this screen saver, installing that searchbar - running that "Funny" email attachment - Linux users tend to not do stupid stuff like clicking on the "Click here to scan your system!" links....
Bottom line - windows is for the Masses - MS tries to make it user friendly and idiot proof, but I guess they keep coming up with better idiots.
Not news, just waffling... (Score:3, Insightful)
Well, I think that Windows security has improved.
There are so many opionions out there, that it's hard to tell what the truth is.
I think that Linux still offers slightly more security.
Microsoft's patches are better...
I think.
It sounds to me like somebody just expressing an opinion that they have. This really isn't news at all, and doesn't even offer any insightful information.
Linux and Windows Security Neck and Neck???? (Score:5, Interesting)
Am I missing something? I would not attempt to dispute what he says, but what criteria does he use for that statement? Number of crashes, Technician time to re-boot/reload after an incident. Number of Viruses that get through? How many times the box is hacked?
For an article titled "Linux and Windows Security Neck and Neck", I expect to see more than just "servers....no difference..."
Apparently I am not the only one that thinks security is not just the server level. Nearly all the (on topic) comments talk about win boxes that startup with admin priviledges. The real security problem seems to be at the user level, not the server level. A good admin (or group of admins for 13000 servers) can setup and take either box to maximum security. The home user, (not lazy, not ignorant as one post call them) is not an IT person. If the box comes with a setup that makes it less secure, that is probably the only thing that will ever get setup.
My opinion is that security is not just MS or LINUX. It is based on the person that installs and sets up the OS. I would bet that any good admin can set-up and make either OS very secure or very in-secure. If a secure box is delivered to the home user, it will probably remain secure. Otherwise, it will probably end up helping send SPAM.
Rubbish (Score:3, Informative)
Re:Rubbish (Score:3, Insightful)
neck and neck? (Score:3, Funny)
2 "Experts", 10 paragraphs, 286 words, 0 CONTENT!! (Score:3, Insightful)
I read the entire article, and it appears to be 100% fluff. THere is not one statistic, or even any made up data that is used to support the premise of the article. To paraphrase, the two experts that were interviewed are essentially saying: "Well, I think that maybe just possibly Linux has a security edge, but Microsoft has probably done some catching up with all of the security stuff they've been talking about, so I think that realistically I don't have any idea at this point what is better".
Wow. Thanks for that, guys.
Apples & Oranges (Score:3, Insightful)
This paragraph says it all.
First off, a system is only going to be as secure as the person who's using the system knows how to secure it. I've seen tons of Linux and BSD boxes with services running for no reason. Just check out Redhat's default installation and you'll see ports open all over the place that are not being used. At least that the way Redhat did things.
Secondly, Linux has 3 advantages over Windows.
1. The obvious. Linux should be more secure because it's a much simpler system than Windows! I don't think anyone can deny that. Wouldn't make sence if Linux was less secure than Windows, especially since lots of it's functionality was taken from more time proven Unix systems.
2. The people who use Linux are more likely to be experienced computers users than their Windows counterparts. Linux doesn't have to appeal to a bunch of mouse clickers who expect things to work all the time. Us geeks are willing to bend over backwards to make things work.
3. Windows operates over 90% of the world's computers, so hackers and virus writers have a much bigger target. Besides, it wouldn't make much sense for anyone to write viagra adware for Linux when most of it's users aren't even getting laid!
Re:Um, yeah right (Score:2)
Are the major PC sellers shipping unpatched XP systems? If so, aren't they liable?
Re:Um, yeah right (Score:5, Interesting)
I'm not sure what Microsoft is shipping in its Windows XP boxes anymore, not having ever purchased a retail version of it. However, if you're buying a PC preloaded with Windows, you are almost certain to find SP2 already installed. SP2 fixes a raft of security holes, turns on automatic updates, and, as a bonus, turns on the firewall that was (by default) off on XP RTM and XP SP1.
I'd wager that the vast, overwhelming majority of (legal) Windows XP installations came on machines preloaded with Windows. Given that, your fears of "unpatched" boxes being loaded today seems a bit of an exaggeration.
The biggest security threat these days is users opening worm-laden attachments, despite mountains of FAQ's, instructions, README.TXT, co-worker horror stories, and other forms of documentation, all warning of the dire implications of opening up that oh-so-inviting attachment claiming to have pictures of Paris Hilton's hoo-ha.
The biggest threat to security these days isn't in the OS anymore, it's mounted between the keyboard and the chair. In this respect, Linux (or any *nix for that matter) can be considered more secure than Windows, but only until a competent administrator restricts local users to non-admin-equivalent accounts. Then things rapidly return to something amazingly close to equality.
The corollary would be to give root-level privileges to common users and see how long the vaunted *nix security model holds up. Hint: it isn't nearly as long as we'd like. You're just one shell-script attachment away from disaster when a user gets an email instructing them to save the attachment off, chmod +x it, and execute it, not knowing it contains the ever-useful "rm -rf" command inside. You don't believe that a user would actually do something so stupid as to execute commands outlined in an email body? What have you been smoking lately...of course they would. If *nix ever became as ubiquitous as Windows is now, it would assuredly happen, I'll set my watch and warrant on it.
Re:Um, yeah right (Score:3, Informative)
Having just purchased an OEM copy for a custom built machine, I can answer this question. XP Professional tends to ship with SP2 preinstalled. XP Home, however, only comes with SP1 installed to provide for better compatibility for "home" programs. (read: Programs that didn't behave themselves in the first place.)
Re:Um, yeah right (Score:2)
I'll set my watch and warrant on it
There's a dark tower fan!
Re:Um, yeah right (Score:2)
Re: (Score:3, Informative)
Re:Um, yeah right (Score:3, Insightful)
Oh really? Is the average user too dumb to follow this simple email below?
----------------
"Hello there. We have attempted to process your payment but there appears to be a problem with your account. We've attached a brief presentation to this email explaining how to rectify these problems with your account so payment can proceed in a timely manner.
Please save the file to your hard drive and execute it from the command line. If you ha
A friend of mine... (Score:4, Insightful)
OH, and with the new SP2, you _HAVE_ to connect to the internet to activate your product, so that makes windows CD's either crippled (you can't connect w/o activating, and you can't activate w/o connecting first) or insecure by default. And I bet most of the people haven't gone to the stores to replace their WinXP SP1 CD with SP2.
The *current* build of XP might be more secure, but in general, the whole policies stuff is making that security COMPLETELY USELESS.
A good measure of windows security I'd suggest:
* Percentage of Linux machines in the world infected with spyware? 0.
* Percentage of Windows machines in the world infected with spyware? 80, maybe more.
So which OS is more secure, huh?
Re:A friend of mine... (Score:2)
*rolls eyes* Oh boy... *Takes a deep breath*
OK here goes.
To clarify: I did NOT say "percentage of machines in the world which use linux AND are infected".
I said: "percentage of LINUX machines in the world which are infected". If in the world there's one Linux machine and 200 Windows machines, and that only Linux machine is infected with spyware, the infected percentage for Linux would be 100%.
Now please re-read my post and compare the figures.
Thank you.
Re:Um, yeah right (Score:2)
Re:Sure sure (Score:2, Informative)
I don't think its that far from the truth, really. It's like painting.. it's the artist, not the brush. A competent system administrator can secure Windows and keep it secure, just as with Linux. An incompetent sysadmin will fail with both.
Of course, it could be said Windows makes it easier to be incompetent.
Re:... why on Slashdot? (Score:2)
Re:sensationalist (Score:5, Insightful)
And these same clueless end users are supposed to love the easy-to-use, totally intuitive, absolutely-not-cryptic Unix way of doing things so much that, if everyone would just adopt Linux, security would take care of itself.
Is it just me or does anyone else see the silliness of the above argument? Windows is not the problem with security any more than Linux. What's lacking here is something that's easy to use and flexible/powerful and secure. What we want is something with the simple user interface of a television (on/off, channel, volume, and that's about it) but we want the functionality of an I-need-eight-remotes-and-an-AV-consultant-to-run-
Personally, I think this form of contradictory nirvana simply cannot exist. If you make Linux easier to use and more accessible to the general public, it must lose either some of its security lustre, some of its flexibility, or some of both. Yet this very thing that would allow Linux to reach the mass market is what the uber-Geek
Folks, the weak link here is the human, not the software.