Well, this was pretty inevitable, wasn’t it? We had Google employees detailing that their company has pretty much given up on Windows, forcing employees to use either Mac OS X or Linux. In what surely comes as a total surprise, Microsoft has responded to this report. Regarding the security claims, “the facts don’t support the assertion”, Microsoft states.
The response comes from Microsoft’s Brandon LeBlanc on the official Windows blog. Of course, there’s the usual “my security is bigger than yours” argument. “There is some irony here that is hard to overlook,” LeBlanc writes, “For starters, check out this story from Mashable a few months ago where it was reported that Yale University had halted their move to Gmail (and their move to Google’s Google Apps for Education package) citing both security and privacy concerns.”
Furthermore, LeBlanc points to a whole load of things Microsoft is doing that improve security, as well as a number of features that make Windows and associated products more secure. Automatic updates, improvements to BitLocker disk encryption, parental controls, Internet Explorer 8 with SmartScreen Filter (“which has proven its success time and time again”), and so on.
“When it comes to security, even hackers admit we’re doing a better job making our products more secure than anyone else,” LeBlanc adds, “And it’s not just the hackers; third party influentials and industry leaders like Cisco tell us regularly that our focus and investment continues to surpass others.”
It’s the problem Microsoft is dealing with. As most people without an agenda will tell you, Windows 7 is an incredibly secure piece of software, with boatloads of advanced security features the competition doesn’t have – however, Windows is still the biggest target, and if you want a safe operating system, Linux and Mac OS X are simply the better choices since malware does not exist for those platforms (bar a few odds and ends in pirated software).
On top of that, Microsoft fully deserves the bad reputation it has garnered over the years when it comes to security, and this still coming back to bite them in the bum is a good thing. It forces them to step up their game, making sure users of newer versions of Windows are safer.
Microsoft dug themselves a pretty deep security hole, and now they have to dig themselves out again. It’s going to take a while for them to overcome a bad reputation.
Also, while I have heard some sources say Windows can be more secure than OS X (though still less safe), I haven’t yet heard anyone make a serious claim that Windows is more secure than Linux or the BSDs.
The security of Linux will depend on what additional precautions you take. Kernel options, additional security-related software, additional other software, whether you have local users, whether they can make their own executables, whether you surf the web or provide network services... The BSDs depending on what BSD and all of the above except you may not have as advanced and varied choices of additional features/security solutions. In the end it will depend on the administrator and not the OS you have installed.
OpenBSD with an idiot believing his OS is bulletproof in any way possible will most likely be way less secure than a Linux setup by someone security-conscious.
Or anything is as safe as you use it. Just do not be logged in as root and you should be fine.
Google is at fault here, not Microsoft. Good lord they make their own alternative to IE after all.
If you run it in user mode and use a secure browser like Chrome and run a good malware/viri-scanner (only helps a little)
The default install of Windows is pretty bad security-wise.
So which features does Windows7 have that makes it superior to modern Linux distros??
I know that Fedora for example has SELinux rules for tons of programs, covering big parts of the repo, even Firefox. Ubuntu has not as many but also a lot of AppArmor profiles. So I would claim that Linux theoretical and practical security is better than Windows 7.
Unfortunately you’re not informed enough on this issue.
Calling Windows 7 default to be insecure, without any references, is not enough. We’ve seen times and times that (google for “Windows 7 secure”) Windows is mentioned to be more secure than rivals, especially without Flash/Reader installed.
Even Vista was more secure than Mac OS – in default configurations. There is an entire article dedicated to the new security features in it:
http://en.wikipedia.org/wiki/Security_and_safety_features_new_to_Wi…
UAC with low level changes like ASLR are pretty effective. And NT kernels had ACLs on everything (not only files/configuration, but also all kinds of OS features) long ago before we had user mode support in DBUS/ConsoleKit, etc.
But I agree that nothing currently matches SELinux. That’s an overkill for security (so tight, I usually had to tweak it to get my servers to function properly).
http://www.osnews.com/story/21499/Why_Windows_7_s_Default_UAC_Is_In…
There is your reference.
Edited 2010-06-02 07:02 UTC
Theoretically Windows 7 and Linux distros like the enterprise versions of Red Hat and SUSE are both the same; they both conform to Common Criteria EAL 4 certification.
Now it’s the actual implementation that’s the difference; to meet these certified levels of security, Windows Server Group Policies need to be employed to the desktop and on the Linux distros SELinux templates will have to be applied... Out of the box, who’s the safer? No one most likely; ask the chaps at the hacking competitions getting free laptops and cash for hacks... Mostly all OSes fall at one point or another for one reason or another.
That’s like comparing apples with IBM-PC Juniors :p
These certifications only deal about military-style security through the whole access control dance which while useful in that context has proven to be of little utility against malware. If that security was the real deal all viruses would be written to run on OpenBSD which only has traditional UNIX-style permissions.
The real deal is and has always been code execution. If something executes you are done; and Windows 7 does more to prevent code execution than Linux and far more than MacOS X.
In the end, although I left Windows land long ago, my guess is that most malware (excluding the unsolvable problem of malware the users install) runs on the 32-bit version, which lacks hardware support for DEP.
All in all, their claim is spot on, and Google replacing Windows machines by macs presumably running MacOS is scary. GCC moves to C++, Betelgeuse goes supernova, the end is nigh.
Compared to Linux… no. Windows 7 doesn’t really have any additional security features. The major ones (various compiler options, NX / DEP, ASLR, included firewall, automatic updates) are present on both systems.
Some of those features may not actually be enabled on any given Linux distribution though. For example, this Ubuntu 10.04 machine I’m sitting at right now doesn’t seem to have hardware NX enabled. It looks like the default Ubuntu kernel doesn’t support it.
Further hardening options are available, but generally aren’t used on desktop distributions. There’s nothing stopping Google from enabling some of those.
Mac OS X is a different story. It has some of the same features, but not all of them, and some (like ASLR) aren’t nearly as effective as the Linux or Windows versions. That’s why Safari on Mac OS X fell first in the last few Pwn2Own contests – security vulnerabilities are easier to exploit on Mac OS X than on Windows.
Windows got good security features.
I have no idea whether Chrome is much safer than any other browser. And if the browser fails it’s the browser which fails and you can’t blame that on the OS anyway. Or well, depending on whether it fails in a way which lets people take over the whole OS or not I assume. Randomizing memory locations and such techniques won’t really solve anything afaik. Only make it harder to exploit, but it will still be broken...
If you take a default Windows install, create a second user to run as, and bump the UAC warning level back up to what it was in Vista, you get something that is roughly the same as a Linux distro with SELinux set up in a way that locks down daemons, but gets out of your way for userland stuff, and where the user you are running as can’t sudo. (UAC prompts are the equivalent of ‘su -c “sudo <command>” <sudo user>’)
Since it got hyped so much, I also got a Windows 7 box. From my point of view it is a giant step in the right direction. One really has to say this and I am not only talking about security. But there is still a long way to go.
I know, the following may sound like a complaint to many, but I don’t mean it like that.
Microsoft finally decided to copy from others. Which is a good and the right thing. What speaks against copying good ideas? Lots of ideas and technologies have been copied from other operating systems, be it GNU/Linux or Mac OS X. This really makes Windows 7 a good release.
And now about the news post. Yes, Windows is the biggest target, but be serious. It isn’t the only reason for being more insecure than other systems. Until the ‘merge’ of the Win9x and NT product lines Windows has simply been a single user system without any security measures and Microsoft still cares for some compatibility with those old systems. They also didn’t come up with a new alternative yet. So what is the result? It’s damn hard to add security to the system without causing lots of complaints.
I don’t really understand Microsoft’s strategy when it comes to compatibility, but it seems like this is the point. A huge system, which hasn’t really been designed for security, needs to become security-aware without driving away too many people. Maybe that’s the real reason for always telling that the market share is the reason.
But it isn’t like GNU/Linux (and other systems, like the BSDs) wouldn’t have tons of security frameworks and for that reason it’s wrong that they always come with their market share argument, especially when talking targeted attacks, like the one Google had to take care about. At least, when it is like that.
So it isn’t like Windows (7) is insecure, but it isn’t more secure than Linux anyway. I don’t know much about Macs. BSD based operating system looks good, but this alone doesn’t make a system secure. So I have no idea about it.
Just my two cents,
without any knowledge
Afaik Apple delivers their updates late and I doubt they have cared much about making the OS or applications harder to break into because they have been able to rely on the fact that no-one seems to care about writing malware for Macs anyway.
Regarding Windows I think I read some time that they had guidelines for how programs should behave / be written. As in not require lots of system access which would require or presume one had administrator access or things like that. But developers didn’t listen and follow those guides and hence they had a bunch of problems with applications in Vista. Anyway I think it’s understandable how it’s hard to merge everything in a system developed since the days of MS-DOS and still be somewhat backwards compatible/similar.
Maybe I should add that when I say Windows 7 I include the changes from Windows Vista.
No matter how long Microsoft toil away at attempts to improve Windows security, the basic paradigm of Windows, where only the author of software is allowed to know how that software works, or is allowed to fix it, is all wrong.
Malware can only exist in closed-source packages. If ordinary end users are routinely expected to install closed-source packages (without any visibility of the workings of those packages to anyone except the authors), then the end users will be likely to eventually suffer malware. It is almost inevitable.
The fact remains that the system of distribution of open source software packages via package managers and repositories is the ONLY method that has an impeccable record for distributing malware-free software to end users.
Edited 2010-06-01 23:53 UTC
Because as we all know the only way security can be compromised is malware included specifically within proprietary software. No other forms of threat exist at all.
“Yes, sure I want a funny frog remembering my passwords!”
“Who cares how it works, as long as it stores my passwords, so I don’t have to remember the pesky things.
Thanks for emailing this to me, stranger, that was very generous of you! I really do like the funny frog.”
Other forms of security threat, such as: brute force guessing of passwords, weak passwords, phishing, allowing a malicious attacker physical access to the machine … all of these apply equally to all types of platform. That is self evident, since the attack vector does not rely on any characteristic of the platform/machine/architecture.
However, having said that, the particular form of security threat known as malware DOES rely on a number of characteristics of the target machine. It relies on a known binary API applying to OS of the machine being attacked, it relies on being distributed through closed-source binary packages whose workings are known only to the author, and it relies on the end users of the machine routinely being used to installing closed source binary packages about which they have no ability to audit.
Edited 2010-06-02 01:56 UTC
It isn’t wrong, it’s effective as a business model and the open source world has proven to be ineffective at replacing all types of proprietary software. So if you want to talk computer security then please first exit Stallman fantasy land where all software is open source.
Only method huh? What about the app store?
Edited 2010-06-02 03:37 UTC
It is wrong from a non-expert end-user point of view. They are susceptible to malware in a big way through this wrong-headed paradigm, and it is no fault of theirs.
You will need more than your unsupported opinion to make that point.
There is no need that all software be open source. There is, however, a distinct need to remove the common practice of “downloading an un-vettable executable binary from the Internet and installing it” as the most common method for non-expert end-users to install software.
http://www.esecurityplanet.com/headlines/article.php/3873196/Apple-…
http://news.cnet.com/8301-27080_3-10446402-245.html
http://webcache.googleusercontent.com/search?q=cache:AQgbE1_uRNEJ:w…
Edited 2010-06-02 06:50 UTC
Which one of those links is a vulnerability of the AppStore? I see none, the first is an email-scam (that uses the name of the AppStore), the second two are the same security risk on any system: that applications you install can access some of your private data.
The App Store itself is a vulnerability. It provides an attacker (Apple) with the right to do whatever he wants with user software and apps.
As an example, did you notice how the iPhone HD prototype was magically killed by Apple as soon as it connected to the iTunes store?
Now can you imagine what an attacker who lures the phone into believing that he comes from Apple (the exact means depends on the way Apple accesses the phone) can do?
Edited 2010-06-02 13:53 UTC
Open source models have been completely ineffective when it comes to replacing business applications and games. Tux Racer is not an adequate alternative to Gran Turismo. There are thousands of business applications that have no open source alternative.
Open source models can be very effective in some areas like server software but not where software requires a large team of professionals from a variety of backgrounds.
I agree that users should not be using Google to find software. Simply directing them to sites like Softpedia would make a huge difference. I also think more programs should come with the OS and auto-update by default, especially programs that process web content. They do not have to be active by default but they should exist to keep users from Googling common software and they should provide a basic alternative to software that has a poor record when it comes to security (cough cough Adobe reader).
As for the links you provided they didn’t show malware coming from the app store. It could of course happen in theory but the same can be said for any system that depends on human analysis.
Malware can be snuck into open source and it has happened before:
http://linux.slashdot.org/story/09/12/09/2215253/Malware-Found-Hidd…
“Open source models have been completely ineffective when it comes to replacing business applications and games. Tux Racer is not an adequate alternative to Gran Turismo. There are thousands of business applications that have no open source alternative.
Open source models can be very effective in some areas like server software but not where software requires a large team of professionals from a variety of backgrounds. ”
1. You are suggesting that development model and resulting program are the only variables involved in the success of business applications and games. Let’s not forget lock-in, market momentum, marketing budgets and the other variables that can have significant effect outside of a product’s build quality and function set.
2. Not where software requires a large team of developers from diverse backgrounds? Are you serious? You’ve just described the development communities around a significant amount of the FOSS world.
good post. +1
“ineffective at replacing all types of proprietary software”
OpenSSH is a nice replacement for Telnet.
BSD is a nice replacement for proprietary Unix.
Firefox is a nice replacement for proprietary browsers.
Tell me about “all types of software” again cause I think our definitions of “all” may be different.
It has been effective at replacing some types but not all.
That is what I was saying.
Everyone here knows that open source is a viable replacement for many types of proprietary software.
You know, the foss trolling is getting annoying. Foss is a great thing, but this is a large world with room for all kinds of development and distribution models. While I’m at it, a question to the foss trolls: If you were dying, would you refuse medical treatment because the devices’ software isn’t foss? You people treat it like a religion, not a software development idea.
Malware could exist in foss as well. Just because it hasn’t happened yet doesn’t mean it cannot. How many distributors go through every single line of code of every single program in their repositories? Every single line of code? I’d be willing to bet the answer is none, and that there are packages or bits of code in packages that are touched by one person and one person only. It only takes one to burn the house down, so to speak.
They certainly don’t have the resources to go through every line. Even if they did malicious code can still be hidden within complex algorithms. I have seen nasty exploits that were less than 30 characters and could have been easily buried inside an algorithm.
Linux distros and packages are really built around trust, it wouldn’t take much for a competent programmer to get on a team and sneak some malicious code into a large project. It also wouldn’t be hard to become a package maintainer and do it that way.
The vast majority of hacking these days is motivated by profit and Windows users are a better target. I was reading an article a few weeks ago on how hackers can count on at least 1% of Facebook users to have old, unpatched systems. That’s scary. Reminds me of a computer I came across where malware was battling for control of the system. Getting on the system was easy, it was the other malware that was causing problems.
darknexus:
You know, the attempts to spread misinformation about FOSS are getting really annoying.
A good try, but there are two points you should consider.
(1) Maintainers do not have to go through every single line of code of every single program in their repositories, they go through every single CHANGED line (since the last version).
(2) Repositories have an impeccable record.
Now consider that you have a really cool 30 lines of malware, and you want to hide it in some FOSS program in a repository. Since (as a malware pusher) you are likely to be a new contributor to that FOSS program, your 30 lines are going to stand out in the changelog like red flags to a bull.
The very first thing the distribution maintainer is going to ask is: “What exactly are these 30 new lines of code from this newbie supposed to be FOR????”
Your attempt to slip in obfuscated malware into the FOSS repository is going to be exposed in an instant. You will never be allowed to submit any changes again.
nt_jerkface:
Nope. The 30 characters appear on their own in the changelog. The maintainer is going to ask why they have been added. The more obscure their purpose, and the newer the contributor, the closer the scrutiny they will get. If it can’t be determined what the 30 characters are for, the proposed change will be rejected out of hand.
Nope. You don’t get to become a package maintainer by just showing up some day from out of nowhere with no history or credentials.
Absolutely. Therefore, the very best thing to do to avoid malware is not use a Windows system. Especially not an older unpatched system, but really, to avoid being a prime target, the very best way is to avoid Windows entirely.
As Google have apparently decided to do.
Edited 2010-06-03 03:26 UTC
I think you’re missing his point. If the maintainer is the person who slips in the malware, game over.
Repositories have been compromised before. They’ll be compromised again. There is no such thing as an unbreakable repository, and both FOSS and non-FOSS are subject to similar problems.
http://www.eweek.com/c/a/Security/Security-Web-Digest-Major-Open-So…
http://translate.google.com/translate?js=y&prev=_t&hl=en&ie=UTF-8&l…
http://www.itbusinessedge.com/cm/community/news/sec/blog/hackers-ac…
http://linuxdevcenter.com/pub/a/linux/2001/06/04/insecurities.html
So what. Most organizational crimes are committed by trusted insiders. Not unknowns.
The idiotic thing about these kinds of statements is that they presuppose that security is the predominant factor to consider when buying a computer. Which is not only silly but strikingly naive/obtuse. Furthermore, you’re wrong: The best way to avoid malware is to not use a computer at all. Or to unplug your computer from a network.
But, I digress. Most people choose a computer based primarily on its features and what it can do for them. Security isn’t a feature. It’s a process. Modern operating systems provide an adequate amount of security for the average person, and arguments over who has better security are little more than thing-waving contests, populated by blowhards.
LOL. You’ve been suckered by a PR stunt. Google is trying to launch a new operating system (Chrome OS); in order to get there, they need their employees to “eat their own dogfood”. The bigger question is “who cares”? Because Google’s conflict-of-interest with regard to the Windows platform isn’t interesting or news.
Edited 2010-06-03 04:41 UTC
Look carefully at these incidents. These are hacks … someone guessed a password. Now tell me, from each of these hacks, exactly how much malware ended up being distributed to an end user’s system from a Linux distribution’s repository? I think you may find that the answer is “none”. This is what I mean by “Impeccable record”.
Now, exactly how many compromised Windows machines are out there by current estimates? Many millions. A goodly percentage of those machines have been compromised by the user actually downloading and installing a closed-source binary package.
Edited 2010-06-03 05:31 UTC
Please … stop the BS. The repositories were compromised via trojan horses, cross-site scripting attacks, buffer overflows in SSH, etc. Not “guessing at passwords”.
That’s irrelevant. The issue is repository security. Multiple breaches is an existence proof of poor security. LOL. The burglar broke into your house multiple times, but chose not to take anything — and you think that’s an IMPECCABLE RECORD. LOL. Thanks for the laughs.
It is not at all irrelevant, in fact it is precisely on topic.
On a handful of occasions, hackers have by various means managed to break in to servers which held open source repositories. On a few occasions, hackers even gained root access.
The number of occasions they were able to use this break-in and access gained to actually slip in some malware source code, undetected, into the actual repositories, so that it would end up compiled into open source applications within the repositories and hence on to actual end users’ systems?
Zero times. Zilch. Diddly squat. Nada. Not even close.
(NOTE: leaving a trojan horse program on the server is NOT the same as injecting source code into the repository’s source code tree, from where it can promulgate to end users’ systems).
Despite having the access permissions to do so, and the opportunity, on a number of occasions, they still couldn’t figure a way to successfully compromise the repository/package management system without being detected.
That is the strength of the system.
LOL right back at you.
One of the reasons why I’ve come to disregard your opinion on virtually every topic is that you’re an unreasonable guy. You can’t admit the bad with the good, and you’re constantly propagandizing. You are the very definition of fanboyism, at its worst. There’s really no room for intelligent discussion with you.
In other words, you have no point whatsoever to make in response, you are utterly out of ideas, you are way too stubborn to concede a point, so you thought you would resort to an ad hominem attack.
It would be hilarious if it weren’t so utterly predictable and boring.
I won’t concede a point? I already did. I conceded that repositories for both FOSS and non-FOSS are insecure. I get a little tired of beating you over the head with the evidence, and have better things to do with my time.
You have no evidence whatsoever.
Not once have you been able to show compromise of the content of a FOSS repository. All you have shown is a handful of occasions where people have hacked a FOSS repository server, which is not the same thing at all. Hacking a repository server is NOT getting malware into the repository. The former does not imply the latter, which was the actual claim you were attempting to refute (but failed).
If you are really having trouble understanding this, as you appear to be, then this post includes a little analogy involving warehouses that might help you follow:
http://www.osnews.com/permalink?428040
The actual claim is essentially this: there have been no known instances of an end user’s system getting malware via a Linux distribution open source repository.
Don’t bother trying to come up with actual evidence trying to refute the actual claim (as opposed to a strawman claim that you made up), because you will indeed be wasting your time.
PS: Here are some stats from my OSNews user page:
Number of Comments: 4206 (3851 voted up, 71 voted down)
Number of Comment Votes Applied: 198 (96% positive moderations)
Here are the same stats from yours:
Number of Comments: 2328 (1020 voted up, 499 voted down)
Number of Comment Votes Applied: 1074 (39% positive moderations)
Grouch.
Edited 2010-06-04 03:26 UTC
Google is a poor example. They reject Windows but prefer osX for “security” reasons; that’s patently laughable. Apple’s slow and closed response to vulnerability patching not being least on the list.
Also, osX currently relies on small market share as a protection mechanism. In the case of blanket attack, this may provide some value though I abhor obscurity as anything more than a dusting of icing sugar on top of real security mechanisms. Google was breached with targeted attacks which would have been tailored for whatever OS they were running inside. Tailored attacks negate any benefit found in having a small market share. It’s not the number of attacks; it’s the number of repelled attacks that matter.
The chocolate factory will get a few weeks of news coverage out of the change in policy. This is probably far closer to the reason for this change.
I’m not talking about showing up and adding 30 characters to a random project. I’m talking about getting on a team and developing class x for project y which includes an algorithm with hidden malicious code.
Well I wasn’t suggesting that it be done overnight. But it isn’t as if package maintainers have to go through some security check. Just look at the application process:
http://fedoraproject.org/wiki/PackageMaintainers/Join
The prime targets are XP/IE6 users that will click on links in random emails. Just about every exploit in the last few years has involved luring users to a compromised website. Only about 1% of those attacks were directed at US users. It’s easier for them to target countries where piracy rates are high which means more systems with updates turned off. It isn’t like the pre-XPSP2 days when worms were running wild and MS was moving too slowly on security.
This happened on which planet? I think I read a James Bond story similar to this once, where a bad guy infiltrated this organisation, and was a mole there for many years, secretly developing his plot to take over the world …
Pfft.
http://www.computerworld.com/s/article/9158578/Over_75_000_systems_…
http://www.enterprise-security-today.com/story.xhtml?story_id=12000…
http://www.infoworld.com/d/security-central/hannaford-malware-plant…
http://news.cnet.com/8301-27080_3-20005673-245.html
http://www.computerworld.com/s/article/9175943/Update_Malware_infec…
http://www.securecomputing.net.au/News/161645,jb-hifi-overclockers-…
http://www.net-security.org/secworld.php?id=7313
These aren’t “XP/IE6 users that will click on links in random emails”.
Of course. All current desktop operating systems can have all their super-secure security models defeated by something like “rm -rf ~/*”, as far as I know…
Well, that’s more of a philosophical position. FOSS advocates would say the benefit of openness is that unless proved otherwise, there’s more people ready to correct security flaws than people ready to introduce some, so that flaws never last long. Proprietary software advocates would say that to the contrary, everyone is arguably evil and a closed source is the sole way to protect itself from the baddies.
(Myself, I use both and think that all shiny security features will never replace a user who knows what he’s doing. That a more informative and less frequent UAC/sudo prompt would be more useful than thousands of the current security features.)
Edited 2010-06-03 05:05 UTC
Sigh!
Imagine a room of 10 people, and all ten are asked to write down their thoughts on a topic. All ten do so, but five of them place their books open on the table, and begin to discuss it in public with each other, and bounce ideas off each other. The other five people all write their thoughts in a diary and they lock it away from view, and clam up.
Which set of people have something to hide from the others in the room? If someone had some malicious intent towards others expressed within their writings, which behaviour would they adopt? If you are a stakeholder with an interest in what was written, which set of people could you trust?
It has happened. Unix-like systems hosted some of the first viruses. I’d even point out that repositories have been breached in the past. You can even go read about how a Debian developer broke OpenSSL. Since these are open communities that value transparency, you can also read in detail about the cause and the resulting resolution. We should also consider the time it took to correct issues when found. Red Hat locked its repositories down right quick. OpenSSL was fixed within the week after discovery including public disclosure and additional packages specifically to block the use of weak certificates resulting from the SSL issue. Viruses and similar show a much shorter effective life as the vulnerability they exploit is quickly patched.
In terms of Windows; I wouldn’t care if a new vulnerability was found every hour provided it was patched within a day of discovery. Outside of the user, no vulnerability should be a repeat performance. We will see how Windows7 holds up but past versions have been very poor examples of product quality.
osX still falls third on the list though. Has Apple patched the pwn2own vulnerabilities yet? Mozilla has that taken care of within a week of the contest. How is Apple doing with the Iphone bootup vulnerability? Do they still leave ports wide open by default with no possibility of adding firewall rules? How up to date is Apple-Java since they have to maintain there own inhouse reproduction?
Sorry, but no. None of those instances was a case of malware getting on to an end user’s Linux system via a Linux distribution repository.
The repository/package management system for Linux has been in use for many years now. After many years, for thousands of packages, many distributions, and millions of users, no-one has yet been able to identify a single instance of malware getting on to an end user’s system via the repository/package management system.
If one uses only the repository/package management system for Linux to install open source software on one’s Linux system, then one is guaranteed, for all practical intents and purposes, to never get malware. The historical record very much supports this observation.
Insofar as compromise via unintentional flaws in a modern Linux system, despite the fact that a few early viruses were written for Unix, it still remains the case that there are very few viruses “in the wild” today which can compromise a Linux system. The chances of one using Linux on the Internet and actually encountering such a Linux virus “in the wild” are so remote as to be incalculably small. Infinitesimal is a good word.
For some reason, people on forums like this one often try to ignore these facts, and they try to come up with ever more desperate assertions in an effort to try to insist that using Linux still leaves one vulnerable to malware just as using Windows does.
I have no idea why some people continually try to assert this (sometimes with nasty invective and ad hominem attack thrown in for good measure), because very clearly it is just not so.
Edited 2010-06-03 15:33 UTC
This is something we’ll have to agree to disagree on. I consider a breach in the system a security issue even if the results were not getting malicious code injected downstream. Someone without valid authorization still got into the system. I do agree that getting malicious code into the final repository builds is not a remotely easy challenge nor, if successful, is keeping that malicious code undiscovered and in place.
As was said by someone else; I don’t care if the burglar didn’t take anything but a glass of water – they still broke into my home and that is the security breach even if the outcome was mitigated.
The more important point and focus of my comment was not that security issues happen but that they are resolved very quickly once discovered.
This will happen for any system. Linux is not immune to hacks. It is no more of a problem on Linux than any other system. It is a thoroughly moot point.
This is the pertinent point. In fact, it is so difficult, that no-one has ever achieved it.
They didn’t break into your home. They broke into a warehouse where you get some of your stuff from. Even though they broke in, they didn’t manage to do any damage. Security cameras in the warehouse show this very clearly. None of the products that you use were in any way affected, and in any event the products that might have been affected are available to be inspected and audited by you or anyone else who wants to. The warehouse door locks have since been changed. No other breakins have occurred since.
Precisely.
Warehouse, home.. it doesn’t change the analogy. If I come home and find a stranger on my couch and they say “hey, I only broke in and sat here.. I haven’t touched or taken anything from you” I’m still going to be pissed. Parts of my home security have failed even if the outcome was mitigated.
If I’m the warehouse manager and someone breaks into the facility then takes a walk around the shelves then says “yeah, I broke in that door at the back that got left unlocked although it was apparent this is a restricted area.. but I didn’t take anything.. I just had a look at your inventory”.. the warehouse manager is still going to be pissed.
If someone breaks into your home computer and leaves you a note on your desktop saying “ar.. I’ss is broken into your puterses but I didn’t leave any malware behind or copy any of your personal data”.. you aren’t going to care because the outcome was less damaging than it could have been right? You’re going to email them back and offer them toast and jam on it because, hey, they didn’t break anything so it’s all good?
Do you manage the computer systems at work? Is your boss concerned with unauthorized entry only if it leads to the worst possible outcome?
I’m not saying that *nix repositories are falling over every other day. I’m not saying that the track record for repository distribution is not far and above that of non-repository based systems. I’m simply recognizing that there was a failure of security (even with it being my preferred OS and distribution method). The lack of resulting damages makes it a lesser breach than it could have been but it’s still very much a security incident.
Now.. I gotta get back to recompiling a kernel so I can try and get vmware server 2 installed cleanly. For some reason.. Debian 64bit Lenny stock kernel’s headers don’t match the stock compiled kernel (WTF is that about?) and I’m grabbing at threads here to get the damn thing installed (virtualbox-ose lacks required features, virtualbox-3.2 is as stable as a charles manson follower, qemu-kde won’t do bridged networking worth a sht)
I read a good point on PC World. They argued that Google claimed they were directly targeted by the Chinese government. In this case, the “biggest target” argument wouldn’t make much difference, as Google was the target, and not the operating system. The Pwn to Own contest was the example of being able to infiltrate OS X.
the pwn to own was a font based exploit. sending I believe a malformed font pdf in a browser. The practical matter is that there are few real threats to the BSDs and the Linuxes out there.
If you are not logged in as admin how far can any exploit go?
This exploit relied on the end user viewing the PDF using a particular application running under a particular OS.
If I had been “socially engineered” to view such a PDF file, I would still have been OK since it couldn’t compromise my Kubuntu 10.4 OS running the Okular PDF viewer application to look at the PDF file.
Attacks such as these strictly rely on a near-monoculture running on the end user’s machines. Hence, “Biggest target” is no myth, it is actually a fundamental requirement of most attack mechanisms.
Edited 2010-06-02 02:06 UTC
If you are not logged on as admin, you just need a privilege escalation vulnerability to get admin. Those tend to be more numerous than remote vulnerabilities, and tend to be patched later as many administrators (and some app & OS vendors) consider them to be less impactful.
It can read and write all data which belongs to you in your home directory (and all other places where you have r/w-rights as user). It could zip up all your data in an archive and transfer it back to the attacker. It can do everything a normal user application can do.
I mean, seriously, what’s worse — an evil application deleting or transferring your entire /usr/bin or your /home/username?
Bingo.
That is the kind of thinking that gives Linux and Mac users a false sense of security. Getting into a machine is the first step, getting past the OS level security is the second. Google for something like “sudo exploit”, that is how you go far running as a user not logged in as admin.
Where I work, you have a choice of a heavily locked down Windows Vista or a Mac/OS-X system.
Guess where all the bad stuff lies?
We had one case a few weeks ago where someone uploaded a file to Sharepoint (Sigh) that was laden with malware.
Thirty, yes thirty Windows systems were wiped out before it could be stopped.
None of the Windows systems had Admin access. The Lock down policies make even taking a backup of the registry as a system restore point impossible.
This is why ALL of our sensitive data is on AIX or Solaris servers.
I have to use Windows for Software Dev but this is in a VM on my iMac.
The lockdown policies mean that the app framework I develop for won’t run on any Windows version except XP and no one in their right mind uses that anymore, or do they. I do all my testing in a Linux VM.
Windows is a lost cause as far as I’m concerned.
fine, but your story basically boils down to using a mac prevented you from getting a windows virus (sort of like how it keeps you from using VS or whatever on your mac). Using your mac did not prevent you from getting a mac virus, or having someone pwn your machine, which is more what I was talking about.
The original poster basically said that because as a user, you have to type in a password to muck with system files, that means that malware won’t be able to do much. That is just plain false, but it is a fairly prevalent idea with Linux and Mac users. User level security is part of it, but not the whole story.
I think the point was not just this year’s Pwn to Own, but in every Pwn to Own, Mac OS has fallen. Windows went down as well, but Mac OS certainly isn’t invulnerable.
And this is mainly from one guy whose motivations were $10K, some notoriety for himself and his business, and possibly some geeky chicks. If you put the resources of the Chinese gov’t behind it, it becomes a whole ‘nother ballgame.
Pwn2own is a targeted attack where an exploit may not be used against more than one os/hardware combination so contestants must choose which target they are going to fire the one shot at. At best, it measures the researcher’s abilities not the target’s resistance. If it was about measuring the OS/hardware then the same exploit would be fired at all available targets and results of that test made public on the score board.
For me, the more interesting metric is how long it took each platform provider to patch the demonstrated vulnerabilities. In that regard, Mozilla stomped all over Microsoft and Apple with patch times. As I said elsewhere; I don’t care if there’s a new vulnerability found in a bit of software every hour provided it’s patched within the hour afterward.
Well, Google has been a douche lately, trash talking to apple and MS.
Boo to Google.
We had Google employees detailing that their company has pretty much given up on Windows, forcing employees to use either Mac OS X or Linux
Google employees aren’t worth spit. They’ve been spewing that Google products are better than other brands be it MS, Yahoo, Ebay, and many others. Then time and time again, Goog products keep failing in the market place and are quietly discontinued. I’m talking about Goog Docs to Goog Finance page.
Their recent bout with MS products is a response to being smacked around because they criticize MS products but are unable to stop using MS products internally.
So they come up with a stupid reason. I’m talking about MS OS and Office. If you don’t know MS Office, chances are you’re not going to get hired. Goog spin machine just loves to spin itself silly and stupid.
Apple back in 1984 did the same with IBM, yet as much as they put up an Anti-IBM face, they were running their business using an IBM mainframe. Go figure.
Edited 2010-06-03 00:41 UTC
They should stop trying to improve the image of “Windows”. This would have been the best time to drop the boat anchor that is backward-compatibility and come up with a brand new OS with a shiny new name.
Aww come on, that would just deprive us of classic tv like the Seinfeld adverts ;p
Microsoft BOFH (Button-operating-Filesystem-handler)?
Windows 7 UAC defaults can be bypassed
http://www.pretentiousname.com/misc/win7_uac_whitelist2.html
Auto-elevate whitelist to inject your processes into:
http://www.withinwindows.com/2009/05/02/short-windows-7-release-can…
Or eat a bag of zero day exploits. Why is it that every Linux install page that I have ever seen says make a regular user for day to day usage. Heck on my Linux box admin is not named admin and I do not log in using my administrative account. On windows the default behavior is The first user is admin and system updates do not prompt the user for a password – A smart user can generally mitigate the risks but that means being smart all of the time.
Microsoft is upset and rightly so because if people perceive what is pretty clear to the tech crowd, if the average user feels that Microsoft is both obsolete and irrelevant. Then what are they bringing to market? If windows were a new product would it be ready for market? I do not think so. But many people who go to this site still keep a windows box around, whether it is for “Games” or “Media” or even pr0n (which is valid I suppose, just not within my personal tastes). If that is all there is to it then why not use a Playstation.
OR if Not Using Microsoft is a viable Option for Apple and The Big G, then it just might be time to rethink the what we use computers for.
“the facts don’t support the assertion”
I thought said thing is what Microsoft themselves are always doing against competitors? Coincidence..
Any time I hear Microsoft representatives talk about “facts”, I think of two things:
* getthefacts.com, which might have been presenting some facts, but a very narrow selection of them.
* The Simpsons episode where Marge is selling houses and someone explains that: “There’s the facts (looks grave and shakes head) and the facts (smiles and nods)”
This article sounds biased to me! It sounds like Windows is the only OS in this world is insecure. Being a technical people’s article, this article doesn’t convey much rather shows the author’s hatred towards Windows & Microsoft.
Windows OS is as insecure as Linux & MAC. Windows OS is as secure as Linux & MAC. All the OSes and applications are insecure in this world. As Windows is the leader in the market as of today, Hackers get more user base (benefit) by hacking if they find one vulnerability in Windows than one in MAC or Linux.
Microsoft is definitely investing a lot on security of its product, there is no doubt.
Can anyone name an OS or highly used application in this world, which doesn’t have any vulnerability in the last one year ?
Windows didn’t become insecure for Google all of a sudden. They are angry and much disappointed, because their network was hacked. Now, they have to blame and punish someone for a mental satisfaction. So this is one way for letting anger out. Chrome browser also has security vulnerabilities. Google is fixing those and releasing it as next version of browser.
Kindly don’t write this kind of kids article.
Can anyone name an OS or highly used application in this world, which doesn’t have any vulnerability in the last one year ?
That’s not a useful thinking IMO. The level of significance of problems and whether there are fixes for those problems and how fast the fixes become available are important to the security. The local exploit on a safely managed/guarded server won’t be much dangerous than the remote exploit on a loosely managed server. Therefore, comparing the number of vulnerabilities alone cannot judge anything.
That can’t be right. The Apple people on OSNews have already decided I’m pro-Microsoft and anti-Apple. In other words, either you’re right, or they’re wrong. What’s it gonna be?
You’re Pronti-Micropple!
Totally off-topic, but had to be said!
The OS has little to do with security. It’s all about the brain. It does not matter how many security features you implement in the OS, grandma will still reply to that email asking for her admin password.
This means that the product will be secure later not now. If you were so particular about security, you would have taken those steps earlier.
This quote is like “We are building a wider bridge” and a huge accident happened when full bridge collapsed and many people lost their lives. Then MS comes out and say “That’s BS, we are building a stronger bridge which won’t fall so easily”. They forget the damage which has already been done.
Wow, this was an entertaining reading!
However, I cannot agree with the statement, that dumping Windows in favor of MacOSX or Linux will make you free of any malware eternally. It will just keep this momentum for some time, but the calculation is pretty simple:
bigger ‘alternative’ = bigger threats
And … the problem of Microsoft Windows is not just the fact that it’s the most popular OS platform – it’s the fact – itself – that it has a very poor architecture and non-security-oriented development model. You can’t build secure OS on an insecure base.
Since you obviously are knowledgeable enough to judge OS architecture, maybe you could show us exactly what you mean. Otherwise it’s just empty words I’m afraid.
…and in all fairness, there’s room for improvement security-wise in Windows, Mac OS X, and Linux
***COMMON***
–The Administrator/root notion
It’s ages old and does not match today’s needs. It assumes that someone knows for sure what he’s doing. Today’s desktop OSs have grown so complex that no one absolutely knows for sure. Every non-paranoid person can be lured by a well-made phishing mail…
Moreover, the user/admin brutal separation means that users can do nothing and are at the mercy of any insane administrator which is never there at work and does not listen to its clients.
The only solution to this problem would be a more precise description of what a program wants to do, letting the user check if it works as advertised.
–Monolithic kernels
Drivers deal directly with the hardware, hence it’s very difficult software to make. Coding and errors in driver software are hence very common. Yet at the same time they get the right to do basically everything, including as an example stopping the scheduler’s clock or alter kernel memory. Something is wrong there.
Solving this problem requires moving drivers out of the kernel, and only give them the rights that they need for their job. No currently widespread desktop operating system does that properly.
–Huge basic setup
Windows and Mac OS X both currently weigh 4-6 GB on the hard drive. Desktop linux distros like Ubuntu weigh 2 GB. Comparing what a freshly installed system can do, taking into account which features the average user will use, that’s HUGE ! In such a bloated pile of crap, there’s no way thousands of security flaws don’t hide.
The solution to this problem is to screw up compatibility, remove legacy software, reject bloated ~60MB drivers, and completely remake the system distribution from the ground up, including only things that are really useful. Sadly, it’s a difficult decision to make, because it means alienating a lot of users.
***WINDOWS-SPECIFIC***
–Poor isolation
Recently, Microsoft has been working in order to isolate various parts of the OS from each other and make sure that they only get the security permissions that they need. However, there’s still some work to do. As an example, user software is still not concerned by this, getting the right to annihilate all user files at will. This needs fixing.
–Few shared libraries, no central package management
Programs tend to include all libraries that they use, on Windows. This means that when a security flaw is discovered in one of those software, each program has to be updated separately. That is, for the very few softs which *do* provide security updates, because due to lack of centralized package management, if a soft is not maintained anymore by its manufacturer because it has reached a mature state, it’ll keep its known security flaws for ever.
–IE at the core of the OS
There used to be a time where HTML was a simple language that could be described in a 200-pages book, with exercises included. That’s not the case anymore. All web standards are now bloated piles of crap, which no developer (be it a web developer or a browser developer) fully understands. This explains why modern web browsing software weighs ~100MB in RAM nowadays and is full of security holes. That won’t stop unless web standards are streamlined so that they only get extremely limited access to the underlying OS, and unless web browsers are set up accordingly.
Now Microsoft did something horribly wrong there : they took one of those bloated and insecure pieces of web browsing software, and put it at the core of the OS. The control panel is managed by a web browser. File browsing is managed by a web browser. Desktop wallpaper is managed by a web browser. How can such a setup be safe ?
–Software installers
This is more of a legacy issue than a Windows issue. Windows users suppose that in order to install software, they must run a .exe which must get administrative rights. Result : all malware has to do is to look like a software installer, and voila : administrative control is granted.
The sole way to stop this is to make a breakthrough release of windows, which is not labeled windows, and on which you use special “package” files to install apps, which use a properly isolated package managing software (or do not get installed, the Mac way)
–Antiviruses
To get somewhat protected against malware, Windows users usually install a soft that can easily be labelled as malware itself :
*It horribly slows down the system, including during common tasks like file browsing.
*It gives a false sense of security (users are not protected against the millions of malware which did not get reported yet)
*Due to the large amount of malware around, antiviruses are bloated softs that must get extreme administrative rights in order to work. Can you imagine a better source of security flaws ? Many people already experienced how much harm antivirus software can do due to a human error…
–Windows assumes user is stupid
When you get prompted for your password, the window is something like : “This program requires administrative rights to work. Are you going to give those ?”. The answer is obviously yes, so the user is going to agree without even wondering about what’s happening. For permission reduction to provide proper security, the popup should specify what precise kind of right the soft requires, along with maybe some analysis of rights which automatically detects “dangerous” asked permissions and displays them in big letters and on a red background.
<Rant about Mac OS and Linux coming, too>
Edited 2010-06-02 08:57 UTC
<Here is the Mac and Linux rant>
***OSX-SPECIFIC***
–False sense of security+++
OSX devs do not care about security. At all. Firewall and automatic updates disabled by default in OSX 10.5 and most applications being able to do whatever they want without administrative right is a perfect example of that. Well, I’d say that this is fine, as long as Apple engineers tell their users to take care of what they’re doing.
But to the contrary, they’re telling the world “HEY ! WE MADE THE MOST SECURE PIECE OF SOFTWARE IN THE WORLD ! IT INCLUDES UNIX SECURITY ! BETTER THAN WINDOWS ! FR3E V1@GR4 !!!”. This way, the mac user feels safe, which he/she effectively is, but only as long as the mac platform remains a niche market that’s not targeted by malware manufacturers. All security in Mac OS X comes from the fact that it uses work from an open-source community which *does* care about security. But many of its behaviors are not safe at all.
–Limited use of shared libraries and central package management
Same issue as before. Same consequences.
–OSX assumes user is stupid
Exactly in the same way as windows, again. Maybe something worse, because of the issue pointed above.
***LINUX-SPECIFIC***
–Isolation is poor
Linux is deeply built on the user/admin model, which again dates back from times where malware did not exist and where software was much less complicated. They try to improve through isolation, using the SElinux technology. However, most linux software and users are not ready to work with SElinux. Hence administrators encounter endless issues with it, and end up either clicking yes all the time or disabling it.
The sole way to avoid this behavior is to send a mail to all software writers/package managers, politely asking them to use SElinux, and 5 years later remove from repositories any software which does not support it. Is it going to happen ? I don’t know…
–Desktop linux generally assumes user is stupid
Thanks to SElinux, this is slowly improving, but most linux distros still show you easily spoofable prompts which read “This software requires administrative rights. Please enter root password”. No clue what said software wants to do. Hence no security. The root vs user, again, is made to reduce user rights to avoid a system crash due to human error or intentionally evil behavior. Not to improve security of the administrator.
Edited 2010-06-02 08:56 UTC
Thanks to SElinux, this is slowly improving, but most linux distros still show you easily spoofable prompts which read “This software requires administrative rights. Please enter root password”. No clue what said software wants to do. Hence no security. The root vs user, again, is made to reduce user rights to avoid a system crash due to human error or intentionally evil behavior. Not to improve security of the administrator.
While mostly true it’s not always that way: at least I always get a prompt asking for the password and it says which application is asking for it. And luckily, you rarely need root password under Linux to do anything. As such, if you do something that needs root password you most likely know what you’re doing; general desktop apps don’t need it.
Though, that’s not to say it still couldn’t be improved. Like f.ex. I’ve always been annoyed by the fact that while it is possible to install apps only for the current user in a way that doesn’t need root permission not a single distribution actually provides this feature in a meaningful way: if I double-click on an RPM it just asks to install it system-wide. It could instead ask whether or not to install it only in the user’s own home directory, or system-wide. (Of course, provide sysadmin with a switch for enabling/disabling this feature as needed.)
Well, if a user is prompted for a password each time an update must be installed (which happens quite often), he will end up always entering his password in such a window…
Edited 2010-06-02 13:57 UTC
Well, if a user is prompted for a password each time an update must be installed (which happens quite often), he will end up always entering his password in such a window…
Ah, but the user’s password is not the same as root password. Well, okay, I guess they’re more-or-less the same on Ubuntu in action, but on other distros it’s not that easy: I get asked for user password when installing updates, but when I try to change system settings I get asked for root password.
And still, so far I get asked for my password only on login and when installing updates as long as I am not changing some system settings. That’s not really too often and shouldn’t lull users into blindly submitting their passwords.
Disclaimer: I use Mandriva so my experiences are somewhat limited. Though, as far as I know at least Fedora handles things similarly. Ubuntu cuts corners in order to please users, though.
What a relief ! I thought that all mainstream distros had adopted either the “user can sudo everything” behavior or the “user must enter root password in order to install random security updates” behavior.
I’m on Pardus since Ubuntu 10.04 is out (the windows button thing was just too much), and was on Ubuntu 9.04 before, so I don’t follow today’s trends in the mainstream distro world.
Edited 2010-06-02 14:17 UTC
That’s an issue I have with Windows currently though in the reverse. Firefox, Skype, Google Chrome.. they all install as regular users. Got an MS-LDAP server spraying AD policy across your network so all your users run without admin privileges; doesn’t matter. For these apps, it’s annoying but the bigger concern is the proof of concept that any program can install itself without admin rights.
When I looked for a solution I found two things. There is group policy to block programs which use the Windows Installer. For programs which use their own installer, the installer application has to be blacklisted. That means research and updates to the list for each new installer fingerprint that turns up and malware isn’t going to be polite and use a known installer.
The ability for a user to install applications is a problem rather than something to strive for.
So what are you advocating ? CIO dictatorship ?
In a business network, general users shouldn’t be installing software. If you have a developer or such that needs that kind of flexibility then by all means.. but why should a general user be installing Firefox, Skype, Dropbox and other programs?
I’ll concede that in an office of techs with a very high level of knowledge, general user install/uninstall may have a place provided you don’t invite CISO to the planning meetings. In the bulk of offices where general staff are not IT specialists.. damn straight it should be a CIO dictatorship.
And how could you, in the current security model where the user and his apps do whatever they want in the home folder, prevent him from running an app that is copypasted in it without preventing him from running all other apps on the system ?
You proposed a system based on exclusion rules earlier, but it does not take into account things like portable apps which change all the time. Shouldn’t a system based on only allowing CIO-installed apps be a “better” one ?
(If, again, we consider that average computer users are stupid and require the CIO to take them by hand for everything. I deeply disagree with such a way of doing things, it puts way too much nuisance power in the hands of said CIO, like in any dictatorship, and doesn’t help the workers to get to learn about the issues that pushed the CIO here in the first place…)
Edited 2010-06-04 20:36 UTC
That is the conundrum. I mention exclusionary rules before because that is all that is provided by MS-LDAP unless Server2010’s policy rules now include more.
I’d actually suggest whitelisting since there is no proper way to control the ability for a user to install. My ideal would be the *nix solution; mount /home to a separate partition without executable permissions. Users can copy binaries all day without being able to run them from the profile directory tree.
In terms of portableapps, non-executable mounted media would solve that issue also though I also make heavy use of portableapps on my own flashdrive. At least they don’t mash the registry all to hell like a locally installed application can (Google Chrome’s uninstaller for example).
The real question is how can one prevent user rogue binaries without employing third party applications to do what should be a part of Windows policy system already.
I’m also approaching this from the perspective that IT is actually working to provide the tools needed by users though I have been on the user side of a network large enough for the user’s needs to be pretty weakly supported by the techs. And, with a network used by computer knowledgeable staff things are also different but if average user can install any old thing on a whim, things can go very badly.
Edited 2010-06-04 21:55 UTC
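The noexec mount suggested in the comment above can be checked mechanically. This is an added example, not part of any comment in the thread: a shell audit over fstab-format lines that reports user-writable mount points still allowing execution, applying options left to right as mount(8) does; the mount-point list and the sample entries are constructed assumptions.

```shell
#!/bin/sh
# Added example: flag user-writable filesystems in fstab-format input
# that still permit direct execution of binaries (no noexec), plus the
# related nosuid/nodev options.

# Mount points treated as user-writable. Assumption for this example;
# adjust to the local layout.
USER_WRITABLE='/home /tmp /var/tmp /media/usb'

# Constructed sample in /etc/fstab format (not taken from a real host).
sample_fstab() {
    cat <<'EOF'
# <device>  <mountpoint>  <type>  <options>            <dump> <pass>
/dev/sda1   /             ext3    errors=remount-ro    0 1
/dev/sda2   /home         ext3    defaults             0 2
/dev/sda3   /tmp          ext3    nodev,nosuid,noexec  0 2
/dev/sdb1   /media/usb    vfat    rw,user,exec         0 0
/dev/sda5   /var/tmp      ext3    defaults,noexec      0 2
EOF
}

# Reads fstab-format lines on stdin and prints one line per audited
# mount point that is missing noexec, nosuid or nodev.
audit_mounts() {
    awk -v targets="$USER_WRITABLE" '
    BEGIN {
        n = split(targets, t, " ")
        for (i = 1; i <= n; i++) want[t[i]] = 1
    }
    # Skip comments and lines without an options column.
    /^[ \t]*#/ || NF < 4 { next }
    ($2 in want) {
        # Kernel defaults allow exec, suid and dev.
        exec_ok = 1; suid_ok = 1; dev_ok = 1
        m = split($4, opt, ",")
        # Later options override earlier ones, as in mount(8).
        for (i = 1; i <= m; i++) {
            o = opt[i]
            if (o == "defaults") {
                exec_ok = 1; suid_ok = 1; dev_ok = 1
            } else if (o == "user" || o == "users" || o == "owner" || o == "group") {
                # These imply noexec,nosuid,nodev unless overridden later.
                exec_ok = 0; suid_ok = 0; dev_ok = 0
            } else if (o == "noexec") exec_ok = 0
            else if (o == "exec")     exec_ok = 1
            else if (o == "nosuid")   suid_ok = 0
            else if (o == "suid")     suid_ok = 1
            else if (o == "nodev")    dev_ok = 0
            else if (o == "dev")      dev_ok = 1
        }
        missing = ""
        if (exec_ok) missing = missing " noexec"
        if (suid_ok) missing = missing " nosuid"
        if (dev_ok)  missing = missing " nodev"
        if (missing != "") printf "%s: missing%s\n", $2, missing
    }'
}

# Run the audit over the constructed sample.
sample_fstab | audit_mounts
```

The same function accepts `/proc/mounts` on stdin, since its first four columns use the same layout. noexec only blocks direct execution of files on that filesystem; a script handed to an interpreter installed elsewhere still runs, so it complements whitelisting rather than replacing it.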
The no execute thing sounds like an efficient way of doing things, if the OS does provide it. Unices do, don’t know about security fine-tuning in Windows.
About the policy issue, let’s try to take a whole view of the “permission” problem.
On one hand we have users. No matter how much CIOs try, they can’t predict every single user need. As an example, could someone predict that a physicist needs a drawing application like Gimp or Inkscape when writing an article/report ? Still, it happens to be the case sometimes. Users may also have some habits and prefer certain applications over others which provide similar functionality. As an example, an everyday Opera user will have a hard time getting used to IE7 for everything else than casual browsing. Same for an OpenOffice user who gets in front of Office 2007’s ribbon. For those people, every restriction of their power on the machine is a nuisance that should be addressed. Especially when it comes to calling an extremely busy tech who may take a week to solve the problem – or just say “no”.
On the other hand, we have CIOs. They have a large area of computers to keep alive. They don’t want to get used to every single app that the users install and run. Especially when it comes to security updates, when the OS does not provide a *nix-ish application installation model where every single app can be updated at once. CIOs don’t want to get support calls about loss of data due to a malicious script. In their opinion, the simplest efficient protection against viruses, slow performance, and phishing is to let the user only run trusted apps that he provides.
Is there a way we could conciliate both points of view ?
Edited 2010-06-05 07:39 UTC
Sorry but you are largely underestimating the sizes.
My Windows Vista SP1 install is much larger than 20 GB. I know because I had to reinstall it on a formatted disk: Vista first, then SP1, before reinstalling the programs (on a different drive). The System drive contains Vista, with all vendor-installed software removed (Office 2007 Trial, anti-virus, etc.) and software I installed myself that didn’t allow me to choose the destination directory. 50 GB… I only have around 13 GB left.
I am writing this comment on Snow Leopard, which on a fresh install on a 124 GB drive left me with less than 99.xx in early September 2009. Remember the “upgrade from Leopard to Snow Leopard and reclaim 7 GB of space” thing Apple was advertising? What the hell were those 7 GB used for in Leopard in the first place?
Installed an Ubuntu 10.04 three or four weeks ago, from the live cd which was 700 MB. Considering most files are probably compressed I wouldn’t be surprised if it was more than 2 GB when installed. I’ll have to check the size later. But I agree with you and I wrote it in another comment a few weeks ago, current OS sizes are too large for what I do with each, despite the applications it comes with.
Please note that I’m talking about a vanilla install on a previously blank hard drive
OK.
For Vista, I was talking about reinstalling (SP0 so to speak) from the recovery discs provided by Fujitsu Siemens at purchase time.
For Mac OS X 10.6, I too was talking about a fresh install on a formatted disk from the Snow Leopard DVD.
About Mac OS I got it from Apple’s website (5GB of available disk space), didn’t know that it lied…
Win7 weighed around 6 GB (6.4 if I remember well) on the 13GB partition which I installed it on, using the RC1 DVD iso. Maybe it has grown bigger at RTM, sounds strange. Are you sure that you removed every vendor “tool” ?
About Linux, vanilla Ubuntu 9.04 weighed 2.4 GB on my hard drive, and I don’t think that compression technology has so much improved in the past few years…
Edited 2010-06-02 13:30 UTC
About Linux, vanilla Ubuntu 9.04 weighed 2.4 GB on my hard drive, and I don’t think that compression technology has so much improved in the past few years…
Default installation of _any_ Linux distribution I am aware of doesn’t do any kind of compression at all on an installed system. You’d have to jump through serious hoops to have your default system partition compressed on-the-fly
So yes, you are correct, default Linux distributions, even with all kinds of office suites, graphics editors, media players and what not still weigh about 1/3rd of what a default Win Vista/7 install does. I don’t know why it weighs so much, though. Does Microsoft just ship so much unnecessary stuff there, or does all the stuff actually have a meaning?
No, no, I’m talking about the way packages on the install CD are compressed.
700MB on the CD -> 2.4 GB on the hard drive means that some kind of compression is used, you must agree.
About Windows, I honestly don’t know either. Maybe bloated drivers like the ~120MB ones from HP and NVidia/AMD ? But I already don’t understand how software whose sole role is to issue commands to the hardware could weigh that much…
Edited 2010-06-02 14:07 UTC
No, no, I’m talking about the way packages on the install CD are compressed.
700MB on the CD -> 2.4 GB on the hard drive means that some kind of compression is used, you must agree.
Ah, okay. I thought you were talking about an installed system, not the installation media. True enough, then. It’s pretty neat that you can get a fully working Linux desktop — usually even with office suites and all — on a single CD and can use the same one to install it too, whereas Windows provides a simple front-end to install with and provides no live system whatsoever, even on a DVD.
I recently had occasion to restore Windows 7 on a Toshiba laptop. It took three double-sided DVDs (8 GB each) just to install the bare OS, and that was an image specific to that Toshiba laptop model. It wasn’t a LiveCD. It took no less than twenty re-boots to get just the bare OS plus Toshiba-specific drivers installed. Then I had to go online to get anti-malware protection software and OS updates installed, and I still didn’t have any applications beyond the likes of Paint, Calc and Notepad. Not even a PDF viewer.
Compare this to Kubuntu 10.4. One 700MB CD, it was a LiveCD so that you could try it out to ensure that all drivers worked before installing it. The same CD for any machine make of a given architecture (the CD I used was for any x86_64 machine). It installed the OS, a complete set of drivers (including printer drivers) for any hardware (all auto-detected), and an extensive array of desktop applications, and even a few games, all from that one 700MB LiveCD.
It took 15 minutes and just two re-boots, and one of those re-boots was to boot the LiveCD.
Edited 2010-06-02 14:56 UTC
Oh, please. When will some people understand that spreading half-truths doesn’t help promote Linux, quite the opposite?
Windows 7 itself takes up barely half of a single-layer DVD (2.3 GB actually). I agree that it’s a lot bigger than it needs to be for what you get, and have to surmise that most of that weight comes from ridiculously large drivers just like it does in OS X. The install takes 3 reboots, again I find this excessive but nowhere near 20. Either you are a liar, or Toshiba have zero clue how to prepare a restore image. I can believe the latter case if true, as I’ve seen what Lenovo did with an XP restore image on the X61S. Three CDs and six reboots, whereas regular XP takes two reboots and not even one full CD.
Nevertheless, framing this as Windows 7’s problem when it’s actually Toshiba’s does not help your case. The more half-truths told, the more people wonder if perhaps Linux can’t stand on its own. I can guarantee you that if OEMs started selling Linux en masse, they’d make just as much of a mess with those restore disks as they do with Windows images now. The OEMs’ power to fsck up everything should not be underestimated.
~100 meg for a driver. heck, I’m looking at an Intel GPU driver weighing in at 840 MB according to the add/remove in WindowsXP.. WTF is that? is it compiling an uncompressed source tree to generate a driver at each bootup?
I gotta say your mention of drivers growing bloated and far too large is an understatement.
As sure as I’m alive. Checked with TreeSize. I’ll check it again tonight.
The package management system is a security compromise due to the unneeded interdependencies that are created which can prevent an immediate update until dependency issues are resolved by package maintainers.
A centralized software distribution system would be better served by keeping applications independent of each other while providing secure connections to developers in case they need to make changes.
However when over 95% of exploits come from browsers, Flash and PDF readers it shows that a fully managed system is not needed to have a significant impact.
I also don’t think a full discussion on OS security is warranted when the real issue here is that Google was hacked due to using an older version of IE. Even if they had an instance of IE6 for testing there is no excuse as to why it was used for browsing outside sites. MS provides Virtual PC + IE6 for free, it’s completely indefensible for a software company to have an employee browsing the web with a native instance of IE6, especially when that company produces a competing browser.
God damn it, how I am tired from those retards. When will they understand that security is the process not some fancy features?..
When it will become common practice for windows users to work with limited user account on OS, when main software source will become cryptographically signed repositories, when every user WILL FEEL SAFE using their operating system and this trust will be honored – then let them bark how great and secure their products are. Now it’s like talking to the deaf: everybody knows that products have flaws, but they are jumping, pointing fingers to some few cases and claims they are something they are not. Ridiculous!
I just read it as “potential for security”. If a system has a low potential for security, it doesn’t matter how aware the user is because the system can only be hardened so much. A system with a high potential for security will, by contrast, be limited by the user rather than the available mechanisms; users can always get further training but one can’t always add effective mechanisms to the software.
I do understand though. For me, the bigger semantic issue is “Linux” being used as a blanket statement with no recognition of different distributions. There are distributions which have a much more secure default configuration and higher potential for overall security. Ubuntu is a very poor example in relation to how other distributions handle security (including its parent distribution). Yet, all we hear is “Linux this.. Linux that” as if the kernel on its own is being compared to various branded kernel/userland combination.
I always chuckle when security and Microsoft get mentioned in same sentence, and I am laughing hard when Microsoft talks about security.
Then, when I see some people actually believing what they said, I kinda scratch my head and ask… was Charles Darwin a little too optimistic?
Yes, he was, just in a different department. But you are ignoring some facts.
I haven’t tried Windows 7 but people, including tech guys, admit that things have been improved and I tend to believe them until I make the experience by myself. Them admitting that is not the same as saying “Windows is secure, period”. Just taking a look at the number of security updates in an XP SP3 or Vista SP1 install is enough to prove that Windows is NOT a secure system otherwise the security updates wouldn’t have existed. There are numerous comments that say “yes it has improved, but it’s really not the end of the road” but nobody said Windows is secure. I guess the feeling you get would be better transcribed as “Microsoft say they are making efforts for security and 7 is indeed a huge improvement in many aspects including security, so he’s not blatantly telling a lie”
Another fact, also stated by many, is that, **apparently**, Mac OS X and Linux systems are not that impregnable fortress either… otherwise SELinux wouldn’t have existed.
I hate all systems equally, with a big nostalgia for XP SP3, which is really fast on current hardware. Vista is too slow and too bling-obsessed, too UAC-annoying, Mac OS is very good but locked-up configuration-wise, Linux is just still too much about “getting one’s hands dirty”.
Try Windows 2000. I use it at work; it’s probably the most mature and impressive release of Windows which I have ever seen. No bloat, no crash, almost no stupid visual effects, no annoying popups, good user/admin separation, full driver compatibility with XP, simple control panel which just works, and most important a task manager which does not suck.
If Microsoft released Windows 2000 today, people would say that they learned from the past and finally sell something that follows the user’s needs ^^ Myself, I’d gladly go back to the windows world if it still worked this way… until when I’d finally try to go back to my OSdeving work and see how much of a pain is low-level development on windows ^^
Edited 2010-06-02 13:43 UTC
Yes I know, I’ve used Windows 2000 too for 4 years until 2008. I’ve never had a BSOD!
I’m eagerly waiting for Haiku to have Wifi. Maybe AROS would also be a good alternative.
The biggest problem will probably be the tools for developers. After having used IntelliSense in VS or the similar technology in Eclipse, going back in terms of features may be hard. I know it would be for me, as having to switch shortcuts from Eclipse to VS is already a pain.
Running Windows 2000 also means no DEP, no ASLR, no KPP, no registry protection and no UAC.
If you don’t like the visual effects in 7 then you can turn them off. Running Windows 2000 is not the answer.
I don’t know all of those in detail (I only know that those are various hacks used to reduce the impact of poorly written software running as root), but I’ve got an excellent UAC replacement : using only a limited user account for my everyday work.
UAC is, afaik, only a hack introduced by Microsoft in order to enforce this behavior.
Ever tried it ? You should. It’s a usability nightmare. The option is only here to blatantly say “yes you can”, but actually using it was apparently never seriously envisioned by microsoft devs.
Moreover, in Vista/7, I hate much, much more than the visual effects…
That’s why I run linux at home. But I didn’t want to install a new OS on the laptop that my boss generously lent to me ^^
Well you should probably read about them before dismissing them as hacks.
UAC does more than that by limiting what permitted programs can access. Once malware gets in the system it still can’t change firewall or Windows update settings without your permission due to UAC. In XP and 2000 malware can quietly do what it wants in the background.
A usability nightmare? What are you talking about? I had a laptop with Vista basic and I turned the animations off and it was no less usable than any other version of Windows. Maybe you should spend more than 10 minutes with Vista or 7.
If malware could get admin rights from a limited user account (which I suppose is what you’re talking about through “permitted programs”), there’s already a serious security issue…
Well I’m talking about this : http://toastytech.com/guis/win7classic.png
Compared to that : http://toastytech.com/guis/winvistalikehome.png
You’re right that with standard theme with Aero disabled, Windows 7 is only hideous, and could even get more usable than with it enabled provided that windows borders were better drawn : http://www.sevenforums.com/attachments/customization/13835d12446096…
Edited 2010-06-02 19:57 UTC
Yea but UAC can also stop malware from permanently installing itself.
http://www.pcworld.com/businesscenter/article/146256/vistas_despise…
Oh the new taskbar? Yea I really don’t like it either. You can change it back to the old one:
http://www.howtogeek.com/howto/windows-7/make-the-windows-7-taskbar…
Those borders are the downside to having Aero off. I keep Aero on but I keep the translucency at about 25%. Just enough to keep it nice looking but not enough to make it distracting. I also use frost instead of the default color. Windowblinds allows you to skin the borders with a texture but I would suggest just giving it some time to get used to. And change the taskbar.
I’m not sure I understand. Do you mean that the user running a rootkit .exe will get a UAC prompt ? What if the rootkit labels itself “SuperPornDesktopAppInstaller.exe” ?
The classic start menu has been brutally murdered too. Using it in Classic mode is now made quite complex due to poor separation of the regions of interest. Also, since Vista I think, you can’t get the classic explorer behavior back.
I like the Windows 9x look and feel because it was more straightforward and less distracting. The non-Aero theme could go this way too, if only it was tweaked a little bit in order to get less ugly…
Gonna try that once I get my new laptop. I said to myself that I’d then give Windows 7 a longer try than the month I spent using RC, though that’ll be a difficult goal to achieve due to the average Linux distro being much more useful for my low-level development hobby…
My thoughts about RC :
-Nice desktop icons !
-Starcraft not running (looks like it has been fixed since)
-SuperBar is a good concept that’s poorly implemented.
-I just HATE that new file browser from Vista, no matter how much time I spend using it.
-He who let the Control panel go this way should be burned to death.
-The Task manager is STILL useless because it takes ages to load when the system is under load due to a hung app. GRRRRRR !!!
-This new look is poorly readable and even more distracting than XP, and I hate that fan noise coming from my graphic card.
-Everything feels so slow ! And those visual effects look very poor, especially since they probably participate to the general slowness…
-UAC is annoying, there’s still a lot of room for improvement in the user/admin separation area.
Let’s see if RTM has improved
Edited 2010-06-03 05:36 UTC
So you would expect RHEL 5 to blow away Windows Server 2008 when it comes to security, right?
Guys, come on. Who told you Win 7 is secure? Stop buying M$ shitloads.
Ok, DEP/NX, ASLR, stack protection — this is all easily bypassable. The insecurity of the OS is not in these features (which btw stop only script kiddies).
The insecurity of the OS stems from loads of substandard, brainless coders which write all this crap at M$. No matter how many “advanced sec. features” you implement — the idiots who write IE code just screw it all up.
Just look: the number of sploits for Win didn’t go anywhere down on bugtraq with the introduction of Win 7. No matter how many times M$ tells you otherwise: just look for yourself.
PS. And yes, I’ve been reading this website for 3 years and this is the first post that made me angry enough to bother to register.
NX is a good protection against those stupid libC hacks relying on stack data being executable. But that doesn’t magically make Windows an intrinsically secure OS, you’re right. It’s just fixing a hole when there’s thousands more.
Edited 2010-06-02 13:46 UTC
It’s people like you that are not engaging in critical thought. Google wouldn’t have been hacked if they weren’t using IE6. It’s a poor justification to ditch Windows, and one that is likely based in their desire to promote Chrome OS.
If you think it is so easy then go ahead and write a proof of concept exploit that bypasses both ASLR and DEP. You could probably make at least 10k with such an exploit so go ahead and start coding.
Are we talking OS or IE security?
If the problem is loads of brainless coders then how did this happen:
http://www.zdnet.co.uk/news/security-management/2008/01/16/secunia-…
Educate yourself before posting. Google keywords: heap spraying and return-to-libc chaining.
Dude, operate the facts not the FUD you’re eating from shiny M$ brochures. When did we have a remote execution vuln in Linux kernel?
Windoze 7: two months ago (MS10-012).
You mean like this…?
Apple Mac OS X SMB Component Unspecified Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/33800/discuss
… or this …?
T-099: Linux Kernel CIFS Remote Buffer Overflow Vulnerability
http://doecirc.energy.gov/bulletins/t-099.shtml
… or this …?
Linux Kernel CIFS/SMB Mounted Filesystem Chroot Restriction Bypass Vulnerability
http://www.vupen.com/english/advisories/2006/1542
… or this…?
Linux Kernel smb Filesystem Implementation Multiple Vulnerabilities
http://secunia.com/advisories/13232/
All operating systems have serious vulnerabilities. All of them. Pretending otherwise — or deluding yourself into believing in the invincibility of Linux — is your business. Knock yourself out. But don’t try to promote FUD here. The people reading this site can smell BS.
I can’t speak for others, but I have made no claim that Linux has no vulnerabilities. Any software can have unintentional flaws, that much is self evident.
The only claim that I have made is that the open source repositories of Linux distributions, in conjunction with package managers on Linux end-users systems, have an impeccable record in that there has never been a known case of malware delivered on to the users systems.
That is to say, Linux systems and desktop applications installed via repositories and package managers have no intentional flaws (i.e. malware, indirectly put there via normal software installation methods/channels by persons with malicious intent). This is an entirely different kettle of fish. An utterly different claim.
As for Linux systems being compromised through unintentional flaws in the Linux OS or applications, that can theoretically possibly happen one would think. However, there would be tremendous publicity about it if it did ever happen (because such publicity would be in the direct self-interest of at least one party with the means, money and incentive to spread the word about it). One never hears of such events, however, there are very few known viruses for Linux, and the chances of ever encountering one in the wild are infinitesimal. The vast majority of Linux systems run perfectly happily for years on end without any need at all for anti-malware programs installed.
Joke sites notwithstanding:
http://www.linuxgenuineadvantage.org/
The only other pertinent observation to make here is that there are many, many millions of compromised Windows systems out there in use today, despite most of them being also burdened with anti-malware programs slowing them down.
The proof is in the pudding, as they say.
Edited 2010-06-03 10:50 UTC
The fact that you didn’t bother to check the dates of your links speaks for itself.
But more importantly, to get the logic right: I don’t claim you can’t setup Linux in some imbecile way. That is to say, no sane person would use CIFS unless he is getting paychecks for supporting some corporate network.
And don’t paint me as some FLOSS fanatic. I use Win a lot for desktop use. I just don’t understand how can you even compare Win with linux security-wise.
I mean, you can’t check the code on Win, so you have to rely on the quality of those underpaid outsourced coders. Whereas in Linux, you can just go look at the code yourself. The edge cases in any modern software are numerous: no developer can foresee them all. It is all “try-fail-correct” evolution. Now multiply this by the thousands of FLOSS (advanced) users worldwide: so who’s got better security? I mean come on, seriously.
Let me guess you’re thinking of that exploit the Google researcher released that the tech press incorrectly reported as a method of defeating DEP and ASLR:
http://skypher.com/index.php/2010/03/01/internet-exploiter-2-dep/
You need to stop operating from the simplistic assumption that everything is about Windows vs Linux. If I were to setup a server with security as a top priority then I wouldn’t use Windows or Linux, I’d use a BSD. On the desktop Vista/7 provide ample security for the typical business but they need to be managed properly and at the very least they need to be running a modern browser. It was IE6 and XP that were hacked, not Vista or 7.
Ironically if that Google division had been running Chrome they would have been safe.
Red Hat, as a FOSS based company, values disclosure and transparency. Having a higher bug count is not a surprise when you make a point of providing details about them. The more important metric is how long it took those bugs to be patched.
I had to come back and add this little gem from the very company that published the report about which the article is written:
“Secunia said that while Red Hat had more reported vulnerabilities than Windows, it was not possible to compare its relative security with Microsoft products, or comment on the relative security of open-source versus proprietary products based on vulnerability figures.”
Can we finally put the vulnerability counting fallacy to rest now? Even the original publisher says it’s not a valid comparison in and of itself.
Edited 2010-06-03 16:53 UTC
Exactly, on M$ says Flashplayer and photoshop are not their fault; but on Linux they sum all bugs over 30k+ packages in debian.
Hi,
When it comes to security, hackers and third parties admit Microsoft has done a lot of work.
When it comes to staying afloat, hackers and third parties admit that a man with lots of holes in his canoe has done a lot of work.
Obviously, “has done a lot of work” isn’t quite the same as “hasn’t needed to do a lot of work”.
-Brendan
Wow, I don’t think of a company like Google using Microsoft Windows or Apple Mac OS X. Even at the small company I work for, Windows AND Mac OS X were banned years ago for security reasons.