Microsoft Security is Nothing to Sneeze at
Posted by malebolgia on 11 November 2005 - 20:30 · 43 comments & 5390 views
#1 Posted by Fedorpheux on 11 Nov 2005 - 20:32
- Achoo!
-
#2 Posted by darkyi on 11 Nov 2005 - 20:33
- Completely agreed.
-
#3 Posted by betasp on 11 Nov 2005 - 20:37
- I was taught not to use GOTO statements, but to use subroutines... for what it is worth.
-
(7 replies)
#4 Posted by markjensen on 11 Nov 2005 - 20:40
- Poor Administration is the cause of nearly all security issues.
Now, Microsoft does bring some of this on themselves by encouraging home users to run as root, and often with no password.
But in the end, it is the people maintaining the box that is the cause of the problem, not what OS it is.
#4.1 Posted by malebolgia on 11 Nov 2005 - 20:44
- Well put.
-
#4.2 Posted by Evolution on 11 Nov 2005 - 21:03
- That's not true at all. They created the standard user accounts for a reason. It's the Software developers that are at fault, they're the ones who force many of us to stick with Admin accounts.
In the initial setup, for both prebuild systems and installs, you select which users to create and their rights....it even indicates the uses of each account.
It seems like everyone nowadays is blaming Microsoft for issues created by other companies, i.e. First it was bad drivers, now it's security.
#4.3 Posted by TwoTailedFox on 11 Nov 2005 - 23:03
- Except Limited Accounts can do almost nothing. And even when set with certain rights, those things can be dangerous, in the wrong paws.
1. Registry Editing
2. Driver Installation
3. Systems Settings Change
4. Command Prompt Access
One and Two happen with almost all of today's needed software, such as Display Drivers (Catalyst, and Forceware, anyone?). And No.1 can also be unwittingly tampered with. Installation of Update, and Service Packs also requires Admin Mode.
System Settings Changes I partially agree aren't needed on most Idiot Account users. Unless you count things like Display Settings, Firewall Settings, or even access to the Control Panel itself.
Command Prompt access can be dangerous, but it's also very, very handy, but catch is, you need to know how to use it. Unlike Linux, where its CLI, Bash, can't be swept under the rug, and forgotten about.
Point of the matter is, you need Admin Accounts, for what today's software needs to do. Gone are the days of Windows 3.1, where we could get away with .INI files to store settings
#4.4 Posted by markjensen on 12 Nov 2005 - 02:46
- If you truly NEED admin rights for so much software in Windows, then perhaps Microsoft is more to blame than I had previously thought in my earlier post.
They should allow an app to run in the 'restricted user' environment, and if it is a poorly written app, and needs to do something like write to the registry, perhaps Windows should prompt for a password? Or even allow the admin to assign a user rights class override to specific problematic apps? Do these things exist in Windows currently? I have heard of "Run As" that is supposed to do this sort of thing.
#4.5 Posted by Callaway on 12 Nov 2005 - 15:39
- Run As works sometimes, but many programs need the ability to modify registry settings or write/modify files to portions of the drive you need to restrict access to. It's a fault of Microsoft's and the companies who produce software for the platform.
Wouldn't it be nice just to drag/drop an install or uninstall? Sigh...
#4.6 Posted by mr_demilord on 12 Nov 2005 - 20:56
- MS should drop the registry, then the admin vs user problem can be solved, so that the program saves the settings to a xml file or config file, that way the windows system stays clean and users can normally install, use, and remove programs.
System stays clean and fast, more userfriendly maintaining the system and better overall overview of the system.
Better security, users don't need to run programs as Administrator.
System stays clean, better performance.
better maintaining, easier to locate software problems, installing and removing programs.
Just my 2 cents.
It's not meant as a flame, just my thoughts, I use windows regularly and is a good OS.
-
#5 Posted by H3lix on 11 Nov 2005 - 20:40
- *waits attentively for the zealots to show up*
-
(2 replies)
#6 Posted by Airlink on 11 Nov 2005 - 20:51
- It's not Windows you have to worry about there, Grimey: It's grabbing a set of exposed high-voltage main busses in an effort to demonstrate how lazy and unprofessional one of your more obnoxious co-workers is. There's a history of that in the Grimes family, or so television has led me to believe.
<hugs the TV>
And as we all know, everything we see on TV is correct.
-
#6.1 Posted by King Rilian on 11 Nov 2005 - 21:48
- Did that go over anyone else's head, or just mine?
-
(6 replies)
#7 Posted by em_te on 11 Nov 2005 - 20:54
- Open source software has 6 billion programmers working around the clock. That means they have 2 billion people searching for bugs, another 2 billion are creating innovative features and another 2 billion are doing security audits. How could that not be more secure than Windows?
-
#7.1 Posted by malebolgia on 11 Nov 2005 - 21:02
QUOTE Open source software has 6 billion programmers working around the clock. That means they have 2 billion people searching for bugs, another 2 billion are creating innovative features and another 2 billion are doing security audits. How could that not be more secure than Windows?
The number of programmers doesn't necessarily equal better security.
#7.3 Posted by Eclipse™ on 11 Nov 2005 - 21:41
QUOTE Are there even six billion people in this world?
Thereabouts.
#7.4 Posted by Airlink on 11 Nov 2005 - 22:02
- "Open source software has 6 billion programmers"
That's true, if by "Open Source Software" you mean the planet Earth and by "Programmers" you mean living human beings. After all, the Earth's ecosystem is a very open-source system. You might even say that it's the ultimate in open-source concepts.
Now hold still while I poke you repeatedly with a stick.
#7.5 Posted by rm20010 on 12 Nov 2005 - 03:58
QUOTE Are there even six billion people in this world?
Close. There's about 6.3 billion people on this planet. And less than 0.1% are OSS developers.
(0.1% = 6.3 million developers)
#7.6 Posted by Smigit on 13 Nov 2005 - 04:42
- 6 billion people and Microsoft's software still has the majority of the market....
Somehow I think it's a little less, but if so I'm glad Linus was looking at a new way to implement late code, I'm sure it must be hard when 6 billion developers submit their updates past the deadline
-
(4 replies)
#8 Posted by Eversurf on 11 Nov 2005 - 21:07
- I really liked the article. It wasn't just another "My penis is bigger than your penis" article. It had facts and figures. He explained what the facts were "Viruses have been around since the beginning and will be until the end" and "The Apaches VS IIS" I agree with the fact that more of those OS are on the internet the more likely people will find faults in the code.
Great article
#8.1 Posted by Kreuger on 11 Nov 2005 - 21:21
- Yes viruses have been around for a long time but how often do you hear of a virus for the *nix OS? As far as I know there was only one minor one. It's a lot harder to exploit holes in *nix because it's open source, there is always someone finding bugs, reporting and patching ASAP. Whereas with Windows, you have to wait sometimes months to close over a hole in the system.
-
#9 Posted by CDog on 11 Nov 2005 - 21:12
- Obvious stuff but this sort of thing needs to be said
-
#10 Posted by ArtOf_War on 12 Nov 2005 - 05:43
- Very good article... serves well as a reality check for both Windows and, more importantly, Linux Fanboys
-
(1 reply)
#11 Posted by Sterling Christensen on 12 Nov 2005 - 10:04
- First, see this article and discussion on how many Linux viruses there are:
http://digg.com/linux_unix/How_many_Linux_viruses_are_there_
Linux has about 3 to 8% percent of the desktop market, and more server market share than Windows. You'd think there would be more Linux viruses and worms, but there aren't.
Windows is only just now (in Vista) making it easy to run with reduced privileges, something Linux has done all along.
THAT's what makes me think Microsoft security IS something to sneeze at.
As for his figures, Apache having more reported holes than IIS, one big problem: he compared the number of reported holes, without even looking at their severity. Some of the exploits reported for Apache are local, while all of IIS's are remote.
#11.1 Posted by markjensen on 13 Nov 2005 - 00:32
QUOTE Linux has about 3 to 8% percent of the desktop market
Ummm... No. I use Linux 100% on my desktop at home. But the latest reports show Linux anywhere from around 1.5% to 3% of the desktop market. Not sure where you got your numbers from...
QUOTE and more server market share than Windows.
Again, no. Linux is at about 9-10% of the server market (by sales and by unit estimates). Windows is at about 35%, as is Unix.
Now, *nix (all derivatives) outnumbers Windows in servers. But Linux does not. It is a small (but the most rapidly growing) share of the market.
-
#12 Posted by Blaz0r on 12 Nov 2005 - 12:09
- I wouldn't dare to sneeze at a Windows computer, it'd probably get infected!

-
#13 Posted by aleck79 on 12 Nov 2005 - 13:24
- so this 'Malicious mobile' code before Microsoft was on what, punch cards?
-
(4 replies)
#14 Posted by bucko on 12 Nov 2005 - 14:06
- The most safest computer is one that is not connected to the internet or lan.
-
#14.1 Posted by mr_demilord on 12 Nov 2005 - 20:51
- Amen
-
#14.2 Posted by Smigit on 13 Nov 2005 - 04:45
- true but it's probably the least useful computer going
Like yeah, you can be pretty safe not being connected and not using any removable media, but then you can't do a lot of what the normal user needs, nor can you update your OS to SP2. Can't install games (I mean they may have a virus on the cd), can't install anything in fact.
#14.3 Posted by Hotrocket on 13 Nov 2005 - 08:16
- as you state: "The most safest computer is one that is not connected to the internet or lan."
for this reason i recommend Telstra Broadband

-
(3 replies)
#15 Posted by EduardValencia on 12 Nov 2005 - 17:23
- deren Microsoft will never disappear, what a crap article, the legacy of Microsoft will be intact forever, stop trolling against MS!
-
#15.1 Posted by mr_demilord on 12 Nov 2005 - 20:50
- He is not trolling.
He never said MS will disappear.
-
#16 Posted by LTD on 12 Nov 2005 - 23:13
- --delete---
Last edited by 25908 on 13 Nov 2005 - 04:10
Here’s the plain truth: Malicious mobile code has been around since before Microsoft was a company, and it will be around long after they are a historical footnote. If Microsoft disappears, that won't stop mischievous hackers from writing rogue programs. Real security solutions aren’t as easy as replacing Windows with another alternative. Real security means persuasive authentication, loss of anonymity, less functionality, peer code review, and programmers learning security along with their first GOTO statement. End-users will have to accept that security means slower development times and more expensive products.
Breplibot.b is a file 10240 bytes in size, packed using UPX. When launching, the backdoor copies itself to the Windows system directory as $SYS$DRV.EXE. Using this name makes it possible for the Sony rootkit technology to be used to hide the activity of the malicious program. Of course, the backdoor's activity will only be hidden if DRM protection, as used on some Sony Audio CDs, functions on the victim machine.
As usual, Kaspersky Lab warns users to be careful, and not to open email from unknown senders, or open attachments to suspicious messages.