“Microsoft has gone out on a limb to promote Vista not merely as ‘the most secure version of Windows ever’ (every recent version is marketed with that tired slogan), but for the first time as an adequately secure version of Windows. ‘We’ve got the message and we’ve done our homework’, the company says. So let’s see if the reality lives up to the marketing hype.”
I think that’s the first time I’ve agreed with an Article from TheRegister.
I’ve been using Vista since it got released to Corporate customers and businesses, I do agree that the new security features are more flashy than actual use.
The first thing people do is turn off UAC, and the Security Center Alerts not long after that.
Only time will tell if Vista turns out to be more secure, or if it just opens up an entire new wave of attacks.
“In a nutshell, Windows is single-handedly responsible for turning the internet into the toxic !@#$ of malware that it is today.”
What?! Windows is responsible for the malware? I thought the programmers of the malware were responsible. And why does an article from a supposedly respectable source contain profanity in its opening paragraphs?
Don’t let a few rude word choices by a journalist fool you. The article is indeed very critical but such critical articles are sorely needed if we are willing to get rid of all the security and privacy problems haunting us all Internet users today. The article is just a good critical review of MS Windows security weaknesses (also other than IE weknesses, read the other two pages besides of the first page too).
The article plainly shows how the high hopes of Vista becoming the first really secure version of Windows are not really fullfilled, unfortunately so. Maybe The MS people were too busy building all those new DRM features into the OS instead of thinking what’s best for the user, i.e. improving users’ security and privacy?
But maybe the next version of MS Windows after Vista will be that secure version of Windows, or maybe even Vista SP1, SP2..??
Well, the Register isn’t really what you’d call a respectable source.
Well, their (Register) motto is written in the beginning of all their web pages: “Biting the hand that feeds IT“.
Why do you say that?
Well, the Register isn’t really what you’d call a respectable source.
The trouble is, it’s saying much the same thing as respectable sources are. Unless of course you mean to imply that the only “respectable sources” are the ones that praise Vista.
Which wouldn’t exactly make you a “respectable source”.
To the extent that malware includes viruses, and viruses are self-propagating, systems with poor security are responsible for helping to propagate them. Surely not single-handedly, but they have a major role, just like people who don’t practice safe sex have a role in propagating STDs.
Great analogy.
You should get an award for this comment.
>>To the extent that malware includes viruses, and viruses are self-propagating, systems with poor security are responsible for helping to propagate them. Surely not single-handedly, but they have a major role, just like people who don’t practice safe sex have a role in propagating STDs.
>>
Very true. Windows does play a large role in the problem. I just think this article was very poorly written, that’s all.
Practice Safe Hex.
Ultimately it is the user that is responsible for that.
“In a nutshell, Windows is single-handedly responsible for turning the internet into the toxic !@#$ of malware that it is today.”
Yes we humans have polluted our world.
Vista is *MUCH* more secure than any previous version of windows, but still some of the things aren’t all that impressive. That aside, this article is only about IE security and not Vista. Nice job MS on sandboxing IE, one of the main exploit vectors in windows. UAC seems to be disabled more than anything as it is very annoying.
When will Microsoft have any form of MAC (Mandatory Access Control) in windows? Solaris and Linux have had this for years…
They use the NX bit on modern CPUs since XP SP2, and vista is no different, but this doesn’t always work. Microsoft doesn’t say anything about using a hardened compiler toolchain like how Linux uses gcc with FORTIFY_SOURCE so I assume they don’t.
On a good note, Vista does ship with Address Space Layout Randomization (ASLR) enabled by default. Linux has ASLR with the grsecurity kernel patches, but these aren’t default and require building a custom kernel.
You assume wrong. Visual C has had stack protections for quite some time now and XP SP2 was compiled with all of this stuff on for core binaries.
Who on Linux uses MAC? It seems like most access control in the field is still UGO, which is simple, effective, secure, but largely a discretionary mechanism like DACLs.
Security really isn’t everything and I view an operating system’s responsibility as not allowing local privilege escalation where possible (not many OSes are good at this) and the system libraries and components should not have remote vulnerabilities.
Who on Linux uses MAC?
*cough* Fedora since Fedora Core 2
*cough* RHEL >= 4
Thanks to guys like Russel Coker, SELinux works fairly well with the targetted policy in Debian Etch. They are planning for it to be enabled in Debian Etch+1 by default with a targetted policy similar to fedora.
Please note that the redhat family of Linux distributions was basicly the only ones immune by default to a recent 0day kernel root exploit. It was a race condition in /proc and SELinux blocked it.
Edit:
I was un-aware visual C had stack protection features. This is good to know.
Edited 2007-02-20 23:48
On a good note, Vista does ship with Address Space Layout Randomization (ASLR) enabled by default. Linux has ASLR with the grsecurity kernel patches, but these aren’t default and require building a custom kernel.
The current linux kernel has ASLR and a additional mechanism to make smashing the stack somewhat (more) difficult.
Grsecurity adds more protection options then available within Vista.Where Vista only protects the stack Grsecurity enables you to protect the Heap as well.Furthermore ASLR in Vista is a meagre 8 bits.
osnews used to be full of technical articles!
Look at what we have on front page right now:
— ‘Vista Security Overview: Too Little Too Late’
— The Most Annoying Things About Windows Vista
— 64-Bit Vista Is Hard to Get
It’s been like that for a couple of weeks
Allright, Vista is the worst thing since… whatever you like, just get over it! Everybody here knows about it, spread the word somewhere else please.
Thx
Edited 2007-02-20 22:50
I do agree, there’s a lot of Vista this Vista that at the moment, but that’s what people are talking about at the moment, it’s a new release. People are still talking about it, installing it, having problems, loving it, praising it etc.
*Edit* Just noticed that comment got buried, understandably.
Just because it’s Vista doesn’t make it any less news, it happens with everything.
Whether it’s a new Ubuntu release, we’ll see more of those shortly and a few articles on that.
Going to get it with Apple too soon, after they release Leopard, there’s going to be a lot of Leopard vs Vista news items.
That said, I still find it interesting people are commenting on security, because it really hasn’t been out there long enough to build up the attacks, even more so, there isn’t much point releasing an exploit now when you aren’t going to be able to target enough people to do any damage.
Which won’t be long seeing as Dell have already removed the option to have XP on computers and Asus are now pre-installing Vista too on their laptops.
Edited 2007-02-20 23:05
“That said, I still find it interesting people are commenting on security, because it really hasn’t been out there long enough to build up the attacks, even more so, there isn’t much point releasing an exploit now when you aren’t going to be able to target enough people to do any damage.”
I think this is more a case of “..lets have a look to see if all the doors and windows are locked this time”.
What they’re finding is in most respects they’re locked just fine…only to discover a set of keys under the front mat and a note on the door telling people where they are.
If the security features are too intrusive and people turn them off by default, XP to Vista will simply be a flashy step sideways. Wow indeed…
“””
Look at what we have on front page right now:
— ‘Vista Security Overview: Too Little Too Late’
— The Most Annoying Things About Windows Vista
— 64-Bit Vista Is Hard to Get
“””
I like hearing all about how bad Vista is. Keep these articles coming! 😉
What Microsoft has done for Windows concerning the UAC may be in the correct mindset, however, there are serious problems with it.
Instead of going to OSX or linux or Unix way, where the system asks you for the Admin password when changing SYSTEM files, Microsoft has decided to make you hit OK a billion times when changing pretty much anything.
The system is flawed, and it doesn’t cause more security in the long run, because it makes people hit OK, and learn to ignore it, or worse, turn it off.
I know I have hit OK without reading the UAC message, and heck, even when I do, the message is pretty cryptic. “Internet explorer needs to run an app, hit ok?” Hrm… what app? What is it doing? I DON’T KNOW!
So I hit details, and the details show application 0x8242. I don’t know what that is. It turns out that the application is flash.
Good job Microsoft, your heart was in the correct place, but your mind wasn’t when you created the UAC.
Funny thing is, even if it’s not 0x8242, but “Flash” you still can’t know it’s not malware…
Instead of going to OSX or linux or Unix way, where the system asks you for the Admin password when changing SYSTEM files, Microsoft has decided to make you hit OK a billion times when changing pretty much anything.
AFAIK (not a Vista user), UAC does only prompt when the user or a user application attempts to change system files. In fact, they implemented all sorts of heuristics to assume when previously allowed applications should be allowed to modify system files again without prompting.
The problem is that the Windows platform has historically allowed applications to change system files at will. Until Windows XP, there was never a good reason for an application to store data on a per-user basis. Most applications could safely assume that they would always be run by (effectively) the same user. With XP, applications could no longer really make this assumption, but they could assume that the user had administrator privileges.
The problem with Vista permissions isn’t that UAC is poorly implemented, but that all previous versions of Windows were poorly implemented–and the applications were even worse. It was Microsoft’s fault for getting into this mess, but it’s mostly not their fault that UAC isn’t working as well as it should. In essence, the Windows ecosystem just isn’t ready for the desktop anymore.
They ask for so many things because so many apps are designed so poorly that these apps ARE accessing system files, or protected parts of the registry, etc…
There is little wrong with Microsoft’s implementation and more wrong with the shoddy software that gets put out, and flash is a damn fine example of that.
I suspect over the years more and more apps will be written with UAC in mind and you will start to only see UAC when you are configuring important parts of the system.
They ask for so many things because so many apps are designed so poorly that these apps ARE accessing system files, or protected parts of the registry, etc…
Absolutely true, however the correct way to deal with this is not to ask every time a violation occurs but just to deny the access.
If a broken application can just keep on being broken, why should a vendor change it?
Better let some applications be recognized as broken instead of rendering the operating system’s security systems meaningless.
Perhaps because you can’t break compatibility with 90% of your applications?
Perhaps because you can’t break compatibility with 90% of your applications?
You are saying that 90% of Windows applications are broken and couldn’t be fixed within seven years?
Good grief!
No, I am saying that 90% of Windows apps are not written with standard user rights in mind and if Vista were to deny such applications from running then it would break them.
Also, how does the OS determine which apps are ok to let through with Admin rights and which aren’t? You would have to block everything.
No, I am saying that 90% of Windows apps are not written with standard user rights in mind and if Vista were to deny such applications from running then it would break them.
Sounds like we have a misunderstanding. I was only referring to broken applications which unecessarily access restricted resources.
Since access restrictions have always been used on NT and are more widely deployes since Windows 2000, this shouldn’t be many.
Also, how does the OS determine which apps are ok to let through with Admin rights and which aren’t? You would have to block everything.
No, it could ask when the access violation is coming from an application that is likely a setup program.
Any other application which needs elevated privileges for a certain task by design can ask the user directly (or through a respective API) for permissions just like programs under Unix do, or at installation time install a helper program which will always be executed with elevated provileges, like suid helpers on Unix.
The number of occasions where a user is asked for permission should be kept to a minimum. Asking at every violation is too often, especially if, as you claim, a large portion of applications is broken
Windows might be used on 90% of the worlds systems. However I have to disagree with the 90% of the spyware/malware/virus/botnet/zombie assumption..
I think it is closer to 99% of those.
Yes, UAC is a joke and will never work. The only way you can truly secure an OS is to deny the user the right to hang himself. I suppose you could do that, but then the user would never be able to do anything that required admin privileges. Sure, you could deny the user to execute files by default, but if you promise him naked pics of (insert name of hot Hollywood actress) if he executes your file, he’s going to do it anyway, so you’re just delaying the inevitable.
As far as I’m concerned, the only thing MS had to do was to prevent rootkits and the damn drive-by installs. Assuming they succeeded (and I guess we’ll have to wait and see how it plays out over time), then Windows is probably about as secure as it needs to be.
Edited 2007-02-20 23:12
“It’s the user’s fault” is a cop-out excuse, and no real engineer gets to use it. Yeah, it’s the user’s fault if he drives into a parked car at 30 mph, but dammit it’s the designers fault if that causes the car to explode.
For example, it’s bad to make it easy to define applications that start up when the user logs on. That allows malware to continue to run on the machine even after a reboot, without having to exploit a root hole. OS X isn’t great in this regard (it has two mechanisms, login-items and startup-items), but at least they’re pretty transparent, and easy to locate. I’ve used Windows a long time, and if you held a gun to my head and asked me where in the registry startup items are defined, I wouldn’t be able to tell you.
It’s bad to make mundane tasks privileged operations. It’s even worse to make dangerous tasks unprivileged operations. Installation programs are just about the dumbest idea ever, and date from an ugly DOS past where there was no concern for system security. Who things it’s a good idea to give random programs administrative privileges just to copy some files to the correct place? Of course, OS X gets it completely wrong too. Why the hell is anything in / world-writable? *NIX is the only system that gets this right, handling software installation through a specific (and hopefully well-tested) system utility.
Plugins, extendible programs, transparent execution, active data, etc, are all bad ideas. Sometimes, they can’t be avoided but they should be used sparingly. Browser plugins are a good example. They’re unavoidable. Their installation should either be from a known-trusted source (eg: distribution package repository), or they should require non-trivial interaction on the part of the user (eg: dragging it to a plug-ins directory). The ActiveX model of downloading random code over the internet with nothing more than the user clicking “OK”? Dumb idea!
It’s possible to design secure systems that are easy to use. It’s not possible when you make kitchen-sink software and have a developer base used to being lazy with security.
In Unix, do you not run make and then make install to put something on your system? This is tantamount to running an installer unless you manually audit the code.
Or in the case of the package management system, you probably use a package manager. I agree that you can trust the package manager to be safe if you trust your distro’s repositories (you pretty much have to trust the OS manufacturer whatever system you use, unless you’re going to audit the source code yourself). But what if you want to run a commercial program on linux and you don’t have the source and there is no agreement to have it part of your distro’s repository… it’s the same as on Windows.
ActiveX and general extensibility system you see in Windows is part of what makes it successful. Microsoft wants “developers, developers, developers” to take what’s given and enhance it to suit their needs. Windows has so many hooks because they want people to have a chance to customize shell behaviors or photo rendering abilities or what items start up on the system. This also makes the system susceptible to all kinds of crap attacks, but it was an engineering tradeoff that was made in the days when the computing world was relatively benign. Things didn’t begin to become so dangerous and horrific on the Internet until around 2000.
What seems like a dumb idea with 20/20 hindsight is what also allowed things like Ajax or Flash to exist, or the Google Toolbar. It is what lets you use Winzip or WinRAR easily from a context menu. These sorts of exploitable hooks allow VmWare to copy and paste across virtual instances. All the evil uses of ActiveX and other extensibility technologies are publicized, but the beneficial aspects quietly hum along with no one to mention them (and it’s not because they aren’t used, but because they are often so transparent that users don’t even notice what’s happening).
I don’t know how Mac OS X init works now, but aren’t there a number of places where a root-privileged user could squeeze files? There used to be an rc mechanism with scripts that could be compromised. Now, I suppose you could put your evil software into launchd. Not totally sure how much access you’d need to do this, but I have few doubts that it’ll happen if you can convince the user to enter his password.
The real problem with Windows is culture. People who own Windows are cheapskates and want to install free software and tools. Since it’s not a predominantly open-source system, those tools install crap along with themselves. Or people download ActiveX controls from obviously shady sites. Really, how can you blame the OS when the user doesn’t take responsibility for his or her own security? It’s like if you’re in a gang neighborhood. Ideally, you shouldn’t have to watch what you say and who you talk to, but if you go to the street corner and look at a dealer kinda funny, you’re liable to come to some harm. Especially if you keep acting friendly toward him as he’s pulling his knife out.
n Unix, do you not run make and then make install to put something on your system? This is tantamount to running an installer unless you manually audit the code.
Not so relevant a point in a discussion about minimizing damage from abuse by normal users.
But what if you want to run a commercial program on linux and you don’t have the source and there is no agreement to have it part of your distro’s repository… it’s the same as on Windows.
And what percentage of software installs on a *NIX box fit that particular bill? 1%? 0.1%? And how much of that software isn’t distributed via trusted sources on CD media? I’m not saying that *NIX is perfect, but the real, practical probability of a nefarious installer as an attack vector is substantially lower on *NIX.
ActiveX and general extensibility system you see in Windows is part of what makes it successful.
Being preloaded on 95% of PCs is what makes it successful.
Microsoft wants “developers, developers, developers” to take what’s given and enhance it to suit their needs.
There are a lot safer ways to do this than distributing random binary code over the internet. Hell, Microsoft’s even discovered one, I hear they call it .NET…
Things didn’t begin to become so dangerous and horrific on the Internet until around 2000.
It wasn’t even a lack of foresight. NT has a perfectly good, if somewhat baroque, security architecture. Clearly they recognized the need for it almost 20 years ago. The problem is that there are some teams at Microsoft that take good software engineering seriously (the NT team), and others (*cough* IE, DirectX *cough*) that don’t. To this day, NT is a perfectly fine kernel. It’s the user-space, with all its Windows/DOS baggage (not code these days, but rather programming mentality) that’s the problem.
What seems like a dumb idea with 20/20 hindsight is what also allowed things like Ajax or Flash to exist, or the Google Toolbar.
I’m not saying there shouldn’t be plug-ins. I’m saying that they should be used sparingly and carefully. Clearly, a browser needs plug-ins. But are plug-ins installed often enough that it’s a win to make installation transparent? Back in the day, you installed a plug-in by closing the browser and running an installer. These days you can end up with a new toolbar without even knowing what happened.
Moreover, AJAX is a somewhat different beast. It doesn’t require any plug-ins, and it’s “active” element is an interpreted, sand-boxed language. In theory it’s just fine from a security standpoint, the real problem is that AJAX makes the browser into an OS, but nobody programs a browser as carefully as they do an OS. Sun goes to great lengths to ensure the security characteristics of their JVM. meanwhile, a hole is found in a Javascript implementation (on every platform) on a depressingly regular basis.
It is what lets you use Winzip or WinRAR easily from a context menu.
That doesn’t require any active element at all. Just an extension to the filetype database listing handlers (running in a separate process of course!) for various file types.
These sorts of exploitable hooks allow VmWare to copy and paste across virtual instances.
I don’t think VMWare uses anything than a regular-old kernel module for this. Of course, kernel modules are the ultimate extensibility mechanisms, but luckily developers are scared of them, and use them sparingly.
All the evil uses of ActiveX and other extensibility technologies are publicized
I don’t think I’ve ever seen a good use of ActiveX.
Really, how can you blame the OS when the user doesn’t take responsibility for his or her own security?
A software developer complaining about stupid users is like a rocket designer complaining about gravity. Yeah, life would be a lot easier for both people if reality was different. But reality is a given. A good system has to work around reality the best it can.
If *NIX takes off, there’s going to be boxed software. Or shady downloads. The Skypes of the world will move in, and users will expect it too and complain if it’s not there.
AJAX started life as an active-x plugin for IE (something like IActiveHttpRequest or somesuch).
I can’t say for sure how VMWare does it, but I strongly suspect that the clipboard functions of Windows would be far harder to access through the kernel than to use the user-mode designed-in hooking mechanism. Actually, I think VMWare puts several UM processes into its host and guest images to make things possible.
The WinRaR extensions create extra levels of the context menu in the shell. You might be right that this is done through a database and I know many things are, but I’m pretty sure you need code to be running behind that menu to capture all the contextual information you need to do something intelligent when you right-click on some shell objects and launch the appropriate action. Having a COM extension for this is the simplest and most powerful (and most easily abused by crapware) method to extend the shell on Windows.
I think the Windows team is in the position of trying to design an OS for both astronauts and monkeys. There’s no way to keep it effective for the former and safe from the latter. Maybe they should make two entirely different OSes??
“AJAX started life as an active-x plugin for IE (something like IActiveHttpRequest or somesuch). ”
It wasn’t activex, however IE was the only browser that supported XmlHttpRequest (not IActiveHttpRequest) for a while. You are more than likely referring to OWA, which doesn’t install anything on the client.
“Maybe they should make two entirely different OSes??”
They did for a while, and look how that turned out for them. From a maintainability perspective it’s a complete nightmare which is why they merged the old 95/98/ME kernel into NT.
If *NIX takes off, there’s going to be boxed software.
If Ubuntu gets 50% of the OS market tomorrow, and suddenly there is all sorts of boxed software for it, it’s presumable that this software will be distributed as .deb’s.
AJAX started life as an active-x plugin for IE (something like IActiveHttpRequest or somesuch).
ActiveX is certainly not necessary for the system to work.
Actually, I think VMWare puts several UM processes into its host and guest images to make things possible.
Even so, getting data off the clip board doesn’t require any code extensions. The clip-board is a shared area for non-active data, and there are standard APIs to read and write to it. You can do the same exact thing with the X clipboard.
You might be right that this is done through a database and I know many things are… Having a COM extension for this is the simplest and most powerful (and most easily abused by crapware) method to extend the shell on Windows.
Explorer.exe is a critical part of the user’s interface. Loading random code into it is not acceptable from either a security or a stability point of view. If you really need the flexibility of building menus on the fly, use a messaging API. Start a handler process and communicate with it via IPC. That way, if its a shitty, buggy piece of code it can’t harm the main shell. Yeah, it’d take a whole millisecond to do this, instead of 100 microseconds, but it’s not like the user is going to notice when the menu popup delay is a 100 times longer than that!
Edited 2007-02-21 15:35
*NIX is the WORST.
There are millions of libraries that you have to keep updated and that even though you use a package manager like apt-get or YaST sometimes those updates still don’t want to install.
It’s all heaps of junk.
With respect, your knowledge of computers seems to be limited to the PC operating systems produced by Microsoft.
I really think you should go on a course and learn unix.
Protection of the system whilst allowing the user to run programs has been well implemented since the 70’s.
The first ‘computers’ many of us worked with were in fact terminal sessions on unix mainframes – so allowing the user to run programs whilst only admins could actually alter the system was built-in.
They were and remain effectively ‘truly secure’. That’s why those of us with years of experience of operating systems are always promoting the use of unix based systems such as Mac OS X and Linux.
I found most of the assessments coming across as jaded. Of course, the opening argument that Windows is to blame for turning the internet into a cesspool (paraphrasing) contaminated the validity of the entire article.
I have worked with OS’s of various types from DOS, AIS, Unix, Xenix, Linux, Windows (no mac’s though.) There isn’t an OS out there that cannot be hacked. Microsoft takes the heat because it’s the most available. But I get [almost] daily reports on security flaws we have to patch in our Linux releases, too. At least Microsoft sends me their patches.
I have also worked for behemoth companies like Microsoft. This is their core product. The 70,000+ employees at Microsoft take their jobs seriously. They have meetings on how to improve their products and take pride in what they’re able to deliver. They have installations in 100+ countries, scores of different languages and technical staff members that would make NASA envious. They are a core component of the world’s economy. There is no one “Microsoft” person as the evil king, here. They have to be aware of how their OS will affect the [literally] hundreds of millions of workstations and servers that run their products. This is no easy task for product development teams! I use to be on several employer development teams and not NEARLY under the scope of what Microsoft employees have to endure.
I’m not defending the “beast” but it’s unfair to say that Microsoft is to blame for what other nefarious people do to steal from the vulnerable. If Linux were on 90% of the desktops, you can believe critics would be bashing Linux for all its security holes.
Nothing is perfect. Windows is a product that works for most. It’s got its flaws like anything else and they’re working on making it a better product. I don’t recommend the Vista upgrade yet, and won’t until SP1 but at least I know they’re seriously working on improving their product. I will wait and see what they’re able to produce, but I have seen releases of items they’re trying to incorporate into Windows and they’re unique.
It all comes down to education. It is up to the IT professionals to help users understand what they should and should not do with their PC’s and why. At least until that perfect OS is written…
Criticize away but don’t bash. The “hate” takes away from the credibility.
<by the way, I’m not a Microsoft employee, either.>
You have no proof what so ever to say if Linux had 90% market share it would be just as bad. For one Linux has alot more software by default, it doesn’t have a web browser tied into the OS or writing to a registry. People assume that other OS’s will have the same issues, this is simply not true, all OS’s have security issues but putting then in the same league as Windows is wrong indeed.
There are a number of security features in place with Linux/OS X/BSD for a long time that limit the amount of damage a cracker/virus can do. This is simply not the case with WIndows, only Vista has finally managed to but from what we see it’s not done proper.
My files are far more important than the O/S itself. I perhaps do not care much if my machine is turned into a spam relay station, because I can buy a firewall and turn the damn thing off. But if I loose my files, then it is disaster. In that respect, Linux is no more secure than windows.
Congrats, you just made a perfect sales pitch for OSX Leopard + an (external) hard drive + Time Machine.
The ultimate sweetness would of course be backup of your files like this over a network (“Google Backups” anyone?).
I’m sticking with Linux ATM, but if the most important thing is security of your files, then this sort of thing might be just for you. Me, I only doubt for a short while before (re)installing the next OS again. There’s not much important stuff on there anyway, my files tend to be “volatile” (only useful for a short/medium amount of time).
Then again, both Windows and Linux offer backup solutions to external hard disks. Could be sufficient for one’s purposes.
But I should also add, Linux is generally more stable, and has more (better?) recovery tools. Which is why people are using Live Distro’s in order to rescue files on Windows boxes that crashed and e.g. don’t boot up any longer. Furthermore, since most things are stored as plain text files (or XML, or ODT, or whatever, …), they are easy to recover. Try that with a program that stores all your info in a proprietary database format, then the OS crashes.
Edited 2007-02-21 14:17
Your files are your responsibility, no OS can secure them and how is a OS supposed to secure them without serious restriction!. With Windows most people lose their files on a reinstall because of the stupid thing wiping your documents folder, which also contains pictures, music and videos.
Leopard — time machine
Vista (Windows in general) — “Previous Versions” and Undelete.
Linux — ??? someone help me out here?
My files are far more important than the O/S itself. I perhaps do not care much if my machine is turned into a spam relay station
Unfortunately that is a common and dangerous attitude shared by a lot of users.
Allowing someone to take control of your machines does not only hurt you, it hurts everybody shared infrastructure with you.
Fortunately a couple of countries are starting to make people accountable for damage caused by their equipment if they don’t handle it properly and deactivating security systems is quite unlikely considered appropriate.
I pitty all those who will be scapegoats the moment a distributed attach causes real damage and when the mob starts to demand blood.
“My files are far more important than the O/S itself. I perhaps do not care much if my machine is turned into a spam relay station.”
‘Allowing someone to take control of your machines does not only hurt you, it hurts everybody shared infrastructure with you.’
How many people `actually know` how to secure thier machines? Seriously. I’ve met McSoft WinCode users who thought the monitor was the computer. I rarely find that with people who run BSD, Linux or OS X.
Like cars or weapons, people should be trained to use a computer. This is beyond the push the power buttons, move the mouse or use a keyboard. This training should include at a very minimum … securing a computer.
Edited 2007-02-22 13:10
However, there is a brokering mechanism that enables users to download files to any location they have access to, or to install browser plugins and extensions, and the like. So users are still invited to make a mess of their systems
So Mozilla, Opera, Safari or Konqueror don’t allow you to save your downloads to any location you can access? Or allow you to install plugins? (well, some don’t).
Exactly how is this behaviour any different to any other browser available?
Sure, but when you have access to stuff that only an admin should have access to, the mess is much greater and much more dangerous. The biggest failing of vista is no the uac, but the fact that they still encourage users and software companies to use the admin account as default. In linux, OSX, BSD, whichever you like the first thing they ask you after everything is setup is to create regular user account. 8nix based OS’s have 2 very basic and simple account types root (admin) and user. Vista has plenty of account types yet by default uses the admin account. That their biggest mistake right there.
Vista has plenty of account types yet by default uses the admin account. That their biggest mistake right there.
Being an Administrator account only enables you to give higher privileges to applications that need them without having to use a seperate account for the elevation. Otherwise, the account functions as a standard user account.
Because the OS is more secure.
Remember, if you put your mouse pointer over a link, the actual URL will be displayed in the status bar. The link may say Bank of America, but if the actual URL is http://123.231.123.231/bankofamerica.com/u/0wn3d/dummy/ then it should be pretty clear that it’s a dodgy link.
What happens if you get the link in an email? (i.e. 99% of phishing scams). You don’t get any such status bar.
Besides, the type of user who is going to fall for a phishing scam isn’t the type of user who is computer savvy.
The phishing filter is to protect Joe User from himself, and is a great feature for such users.
What happens if you get the link in an email? (i.e. 99% of phishing scams). You don’t get any such status bar.
I just checked and I do get that information in the status bar (KMail 1.9.5, KDE 3.5.5)
“What happens if you get the link in an email? (i.e. 99% of phishing scams). You don’t get any such status bar.
I just checked and I do get that information in the status bar (KMail 1.9.5, KDE 3.5.5)”
As well I get the link in Evolution, Thunderbird, and Outlook 2003.
The key to Microsoft Windows security must be hidden in a small market share. If Microsoft Windows gets smaller in the market, it will automatically get safer. From 2005-2006 Microsoft Windows lost close to 2% market share, so Microsoft Windows is now probably 2% safer, thanks to the “market mechanism” – and that’s progress!
If Microsoft Windows would be downsized to a mere 5% market share it would become 16 times more safer, and that’s what I call real progress. Microsoft wouldn’t have to lift a finger.
But the real question is if 16 times is enough ?
Now where is my Pepsi, I have to . . [ :Þ ] . . into it
.
Microsoft never said they were insecure due to marketshare; they said they were the target of worms because of marketshare; the idea that if you write a worm, you want to write it for the software which is the biggest target – no one is going to notice something targetted at software only 1% of end users actually use.
As of Windows, Windows XP prior to SP2 as an insecure POS, to put it politely; SP2 is what Windows XP RTM should have been – given in the last few years, in terms of security problems, Windows XP SP2 has been pretty good; and Vista will be an interesting situation.
Windows Vista will be a benchmark on how well their new ‘secure programming’ is actually going; not only how secure the code, but how fast the turn around is in regards to patches being released and properly addressing the issue without causing system instability.
I didn’t read it because of the domain of the link: I refuse to continue funding The Register’s half written crap by visiting their site. It’d be nice if OSNews would stop funding them by not linking to their most outrageously titled articles.
Can someone who foolishly linked tell me: Did this article have substance? Or was it another 5 paragraph piece of flame bait?
No substance at all. It appears that to compensate for any real journalists on their staff, the Register basically resorts to writing sensationalist drivel in the hope of attracting links, which in turn, attracts the more rabid fan elements to their site.
Best they can do I guess.
that UAC will be disabled by a majority of users (and even less so DEP!). Right now the people using Vista are early adopters, they may very well disable UAC. But the majority of users will leave it at its default setting, just like pretty much every other setting.
Open Control Panel, click on User Accounts and Family Safety, click on User Accounts, click on Turn UAC on or off, authenticate, uncheck the box, click on OK, restart computer.
I just cannot see the average computer user jumping through the hoops to disable it.
Especially since the average user does not spend all his/her time installing and de-installing software, or tuning the system.
Instead of ranting on and on about how X does things better than Y and different from Z, i’m doing my own security analysis( not the most scientific method though). And here’s how i’m going about it:
I installed Vista ultimate over the weekend on my laptop (MBP) and using just the default install without AV, i’m going to use it as is and do everything, EVERYTHING!
That includes downloading torrents, going to hack/crack sites, sites that mama said not to go to…
basically the works, and it’s going to run this way for at least a week, 2 weeks if i feel like it. At the end of the test i am going to install and run an AV and base my judgement on what the results are.
Until then all this reviewscomments are based on assumptions and as such baseless to me.
A waste of perfectly good bandwidth and storage space on a server – could have been used for something useful like serving up porn or something.
As for The Register; its a complete joke when it comes to objectively; it is the Paul Thurrott of the Linux world, the Michael Moore of the Linux world.
When you see them review a linux distribution, they’re wooing around it like a randy teenager around a tall leggy blond – but completely neglects the details; the fact that the she is really a he. In the case of Linux – the fact there is no commercial software available, the alternatives are buggy and broken, and the hardware support is subpar and worse still, the ability to install proprietary drivers is hardly what I’d deem as a walk through the park.
Well that isn’t true.
How about a commercial Office offering for starters?
http://www.softmaker.com/english/index_en.htm
*solitary clap*
Software from a company no one has ever heard of – Adobes, MYOBs and Quickens are what I am referring to; the ability to go down to the local store and purchase a copy off the shelf.
I don’t *care* what happens in the US; the US is a pathetically small part of the whole world; the vast majority of end users go down to their local computer shop and purchase software off the shelf.
They’ve done it for years and they’ll continue to do is; just like the dot-com bullcrap about ‘everything going online, end of bricks and morter’ when in reality; all I see are people *quite* happy with going down to the shops; new ones are opening all time, and contra to the out of touch nerds and geeks, ‘normal people’ see shopping as a social experience, and be it clothes, books or software, its a social experience.
kaiwai, we get it, you don’t think Linux is ready for you. Do you really have to bring it up in *every* post you make?
This thread is about Vista security, please stay on topic.
Focus on the issue at hand. Vista still defaults installations to having the End Users run Administrative privledges without so much as a by your leave. This is stupid and a royal security risk.
You want to see the fallout, have a look at the gaming sites where you have teenagers getting the latest and greatest from their patents, running Vista and then telling everyone to disable UAC. This just throws any effort (or lack of on MS part) back to Windows XP days.
MS should have less accounts for priveledges to run, at the moment there are too many and it is stupid.
MS should force generic installs of VIsta to run under restricted User accounts.
MS should try using a Sudo system that keeps idiots safe from themselves and the net less affected from zombied systems.
I hear Bill G talk about dealing with spam (a problem that has occurred more so due to Windows lack of restricted and hardened security than anything else) yet his Fn OS is the reason why spam is so prevalent througout the internet. Spammers can zombie MS OS’s easily and get 3rd parties to unadvertantly do their dirty work leading to 2 problems.
1. Hard to track down the origins of where the spam comes from and
2. Pisses me off.
Get with the program MS of F-OFF cause you are at the moment a royal pain in the ass. Also, shove your DRM where the sun doesn’t shine!
As Rainer pointed out, there is some good tech in Windows but unfortunately the legacy crap is holding it back and part of that legacy is allowing all and sundry to run as Administrator by default.
The initial account for Vist is Admin, but runs with limited user privileges, unless the user performs a task that requires privileg escalation and OKs the resulting UAC prompt. The only difference between that and limited accounts is that limited users are required to enter admin credentials in a UAC prompt while admin users only need to press OK.
The default accounts on Mac OS are also admin (no, not root, but higher than “limited users”) and also requires the user to OK authentication prompts when performing a task that requires privilege escalation. Same thing.
Because it is simply TOO inconvenient for desktop computers. Mac OS X defaults to combining the major user with the admin and so does Ubuntu Linux. Vista is no different in this respect.
However, OS X and Ubuntu seem SENSIBLE about how often they bother you, unlike UAC.
What UAC essentially does is cry wolf at every single opportunity. So much in fact, that you eventually learn to ignore it or disable it, making it worthless.
UAC f*cked up the balance between convenience and security and Vista’s security will suffer for it.