OSNews

yeah great, thanks man, you made me laugh that hard I sprayed coffee out of my nostrils all over the keyboard.
i need a new one now

New coffee, or a new keyboard? Or maybe even new nostrils?

Why don't you buy a Microsoft spill resisitant keyboard? I hear Jim tested it when his son was 6.

Hey now, be nice! I'm sure the Vista skin will look great...

--bornagainpenguin

PS: Actually, given how easy it's gotten for security firms to patch Windows code and provide necessary system updates these days, as well as much of the other independent work done by people seeking to extend their older MS systems, it wouldn't surprise me much to discover some one has managed to reverse engineer a way to backport many of the features in Vista to Windows XP.... Remember how hot under the collar they got over the AeroXP skins?

That's right..I forgot. They were out for blood on some of those skin developers. Some of the skins looked pretty accurate.

I'm still not too sure I'd install any security releases from 3rd party developers. I guess it would depend on who the developer is.

And you are who? The Pope? (another loser BTW)

You're not very good at admitting defeat, are you?

Now now, watch your language. You sound like a ten-year old.

"You sound like a ten-year old."

Hey now, there's absolutely no need to insult the children.

Wow, CuriosityKills thanks for the compliment...it means a lot coming from you.

By the way, you should really find someone for your anger management issues....maybe it's pent up sexual frustration. You need to get laid and smoke a joint,or something, just to chill out. You're not well, I'm worried about your psyche. Long hours waiting with baited breath about the release of mediocre OS's makes for some serious mental issues.

And for your information, this is being written to you from XP. Unlike most trolls, I comment on things I actually use.

"who looks down the barrel to see if the gun is loaded."

That's because the light at the end of the tunnel is a muzzle flash...

There isn't a version of Windows I'd run without any antivirus software.

Someone out there will inevitably prove him wrong.

Why would that make you happy?

People on this site are so sickening.

Somebody already said why, above. It's fun to see dumb people look down the gun barrel to see if it's loaded. It's comedy at its finest.

Claims that Vista will be very secure are for the moment just hilarious jokes, contradicted by about 10 years of history and all the previous Microsoft operating systems. Until there's actual proof that Vista won't let dumb people shoot themselves in the face, let us have our fun.

Why would that make you happy?

I didn't say it would make me happy. I said I would smile. There's no happiness in smiling. Haven't you ever hear about something called sarcasm?

People on this site are so sickening.

I would say people that markets Windows as is, with all its failures and problems, asking for hundreds of dollars for something that doesn't have that value and pushes that OS into everyone using FUD and other dirty techniques, that those are sickening. Not a simple person here in OSNews os ./ commenting with a little sarcasm.

Get a grip on reality, dude.

"It's my favorite feature within Windows Vista, it's called ASLR (Address Space [Layout] Randomization)"

It is cool, it's been included by default in the Linux kernel for a year and a half. (22-Jun-2005)

Edited 2006-11-10 01:09

[/i] It is cool, it's been included be default in the Linux kernel for a year and a half. (22-Jun-2005) [/i]

Lol, good one.

Of course nobody uses Linux. Sure. Just 4% of all Desktop users and approx. 26% of all servers.

Sure sure... Nobody uses Linux.

Of course nobody uses Linux. Sure. Just 4% of all Desktop users and approx. 26% of all servers.

Sure sure... Nobody uses Linux.

.4% of desktops. Less than 10% of servers.

Remember, as Gartner has said, Linux more often than not gets replaced by a pirated copy of Windows.

I'd like to mod you up to 10, if that was possible.

he only way they are going to fix this adware/virus problem is if they never give the user the premissions that are needed to write to any system folders.

Actually, as long as the user has permission to send out mail, I gather your machine could still be used as a zombie for sending spam and who knows what else, even if you can't write to system folders.

I mean, honestly ... who gives a shit about system folders/files anyway? If they wreck my OS, I'll just reinstall. But if my machine can be hijacked, that is much more serious.

I notice that almost none of the people who have responded to this have read more than the headline "Allchin Suggests Vista Won't Need Antivirus" which is out of context to the point of being a lie.

IT is the read headed step child of the "while collar jobs" and is viewed by many as an easy way for "different" people to get high paying jobs.

Do other white collar professionals make decisions in such a knee-jerk childish manner?

The high number of "special"/"computer people" make me embarrassed to admit I work in the industry.

Could you picture a bunch of people from the medical industry on MedNews.com reacting so childishly?

I have been reading this site for ever and it wasn't always this bad. What happened?

As much as I usually respect the opinions of Thom, I have to say he carries at lease some of the blame for selecting this article despite the obviously misleading title which is intended to create exactly the response it got.

It was like I woke up the other morning and suddenly the opinions of the people on Slashdot were more rational than the opinions on OSNews.

The selection and tone of news postings sets the tone for the website. There are better ways to draw traffic Thom. Please don't cheapen OSNews just to increase page hits.

Eugenia was a realist, she called it how it was and she didn't care who did or didn't agree with her. Although sometimes her opinion was unpopular, she was usually right.

I used to see the same unbiased call-it-like-it-is attitude from Thom too, but sometimes I think that focus has been lost.

"As much as I usually respect the opinions of Thom, I have to say he carries at lease some of the blame"

What do you expect from a person who himself has no clue on the subject. I was under impression that people that work here are somewhat educated on the subject of operating systems, but I was wrong. His reply to a comment about 64 bit operating systems is so ignorant that makes me question if he has any formal education on the subject. His observations are more of a self taught person (an IT enthusiast if you wish), then of a trainned profesional. Even though I am going to repeat a very often expressed opinion on this board, here it goes:

MS has a lousy track on the security aspect, and we can not blame users for taking things with a grain of salt

The last year has seen a dramatic upswing in extremist attitudes in the open source community. The "Free or Not-Free" argument has been heating up for about 9 months, and the Novell/Microsoft agreement couldn't have possibly come at a worse time.

So, the community is a bit... sensitive right now, and not really at it's best.

> The last year has seen a dramatic upswing in extremist
> attitudes in the open source community. The "Free or
> Not-Free" argument has been heating up for about 9
> months, and the Novell/Microsoft agreement couldn't
> have possibly come at a worse time.

What is strangest to me is that the free/nonfree discussion is so heated on OSNews, which after all isn't OSSNews. This is about operating systems, not politics.

I think the selection of the article, including its title, is fine. The problem isn't the article, it's the readers, most of which seem to be slashdot rejects. And yes, I've noticed slashdot discussions regarding MS have increased in quality while the ones here have degenerated to the type of garbage exhibited in this thread.

I don't see how Vista is fundamentally less secure than Linux. Neither OS's default user account has full admin/root rights (that used to be the main difference between the systems that gave Linux the edge). Both OSes have stack overflow protection. Both have ASLR (according to posts in this thread). (Oh, and Linux's having had it since 2005 doesn't mean that it doesn't increase Vista's security.) Both OSes have firewalls (depending on the particular distro) (and Vista's firewall kicks in before it allows internet access (I'm just preempting any FUD regarding that)). And MS followed the example of most Linux distros in that they no longer ship with unnecessary services turned on.

On top of that, IE7 on Vista runs in reduced rights mode, meaning that it can't alter any files, directories, or registry settings except its own, so not only can it not muck with system directories, it can't even muck with the user's directories (unless OK'ed by a broker, which is a very small piece of code and is unlikely to have security flaws on its own (the broker is invoked for things like the user doing a File-SaveAs)). ActiveX problems, mostly gone away with XP SP2 IE's infobar, which Firefox borrowed, is locked down even more since with its default "opt-in" mode (or whatever the correct terminology is). And even if the user jumps through hoops installing a malware ActiveX control or a legit ActiveX control that has a bug that can be exploited (like a buffer overflow), the limited rights of IE7 renders it harmless.

So can someone give reasons that Linux is fundamentally more secure? (I'm not referring to bugs, which can appear in either system, but I'm talking about whether one can prove that one system is more "secure by design".)

That being said, Vista will be attacked more and will have more successful attacks. That will be due to userbase size rathe rather than design issues. According to web browsing statistics that have been cited multiple times on osnews threads, Windows has >90% of web surfing activity while Linux is ~0.5%. It doesn't take a genious to figure out which will be more atacked regardless of which is more secure (if either).

Edited 2006-11-10 06:08

//So can someone give reasons that Linux is fundamentally more secure? (I'm not referring to bugs, which can appear in either system, but I'm talking about whether one can prove that one system is more "secure by design".) //

Go here:

http://portableapps.com/

Download one of those apps, but don't install it. Just unzip any files you may have been asked to, using only normal users rights under Vista. Unzip them anywhere you have got write access to as a normal user.

Better yet, unzip them to a USB memory key, and take that key to another Vista machine ... one that you are not the admin for.

Now, without installing anything, and without being once asked if it is OK to install any application (especially on a "foreign" machine using a USB key) ... double click on the .exe file.

Presto! It runs!

Vista has absolutely no idea where that exe came from (it could have come from a BlackHat on the net), and Vista has asked no local user if that app is OK (it has not been installed, and Vista did not prompt for execute permissions) ... but it still runs!

Oh, BTW, running .exe files is a normal method to setup other applications on Vista.

I think this is deliberate that this has not been fixed. This characteristic means that an external agent (such as Microsoft themselves) can "push" new executable code onto a Vista system without the local user's permission. Microsoft, after all, claim that they still own the software you bought and put on your own machine.

If Microsoft are able to "push" new software onto your machine, then quite possibly other parties are able to do so as well.

One cannot run a new file on Linux without being prompted for a password in order to grant execute permissions for that file, or setting the execute permissions explicitly.

Edited 2006-11-10 09:48

Now, without installing anything, and without being once asked if it is OK to install any application (especially on a "foreign" machine using a USB key) ... double click on the .exe file.
Presto! It runs!

You aren't installing an application. You are only running it. The application also has to be made so it doesn't use any functionality not available under the account in which it is running. And the administrator of the computer can choose to restrict what applications will and will not run on the computer. All of this is controlled via permissions and policy. You could allow only applications you have signed or whitelisted to run, and you can also restrict access to removable storage.

Vista has absolutely no idea where that exe came from (it could have come from a BlackHat on the net), and Vista has asked no local user if that app is OK (it has not been installed, and Vista did not prompt for execute permissions) ... but it still runs!
I think this is deliberate that this has not been fixed. This characteristic means that an external agent (such as Microsoft themselves) can "push" new executable code onto a Vista system without the local user's permission. Microsoft, after all, claim that they still own the software you bought and put on your own machine. If Microsoft are able to "push" new software onto your machine, then quite possibly other parties are able to do so as well.


This is totally false and shows an ignorance of how Windows security works. Windows XP SP2 and Windows Vista keep track of several attributes, including where a file came from, to determine its trustworthiness. .NET goes further still. Microsoft can't just push new code onto a Windows box. The user has to agree to run such code and have the necessary permissions to do so.

One cannot run a new file on Linux without being prompted for a password in order to grant execute permissions for that file, or setting the execute permissions explicitly.

Likewise on Windows there has always been an execute permission that can be controlled by the administrator. On Windows XP SP 2 and above, when you attempt to run a file originating from a non-local source (even if it has been copied to a local source), or that has some other trust issues (maybe it is not signed/has no manifest, etc.), you will be prompted about the trustworthiness of that file. Agreeing to this prompt is the equivalent of setting the execute permission, but it only applies for that one execution and must be agreed to with subsequent executions unless you choose to Unblock the file from its properties dialog or another management mechanism.

Edited 2006-11-10 11:30

I have to agree entirely that the quality of discourse has fallen dramatically over the years. I think the ratings system has made things worse. To vote something down you have to justify it, and you're not supposed to vote down something that you disagree with. Voting someone up requires no more than a click, and more often times than not it represents a "snarkiness factor" or "groupthink compliance" rather than any real insight. The result is that stupidity spam is encouraged.

As for the article, while it is true the concepts of file permissions and limited users have existed in Unix since the begining (or certainly by the time it was gaining momentum outside of Bell Labs), the same can be said about NT. What's promising about Vista is that it is the first release of Windows that makes leveraging these concepts practical. User Account Control mitigates the need for most users to run with admin priviledges and Parental Controls make it feasible for average parents to apply additional constraints without having to comb through ACL entries or RWX bits. While a lot will depend on app compatibility, Vista may well make locking down a computer a task achievable by a normal human being. Well that doesn't necessarily mean antivirus software will never be needed (threats evolve, after all), I do think this is a great step forward for Windows.

I agree with your assessment of the voting here. Not being able to vote down items that are clearly wrong is a major flaw.

There's a big difference between disagreeing with something, and knowing that it is incorrect.

Wow! What a whiner!

I'm just giving you a hard time.

Actually, I have been reading OSNews since its inception, and I think it has always been about the same.

Eugenia certainly had some opinions to blast around, and she didn't mind deleting people's posts if she didnt like them. I also seem to recall her tirade against Greek men. That certainly wasn't popular at all (or even relevent; however, it did seem to be one of the most commented on pieces, so you have to give her credit for driving a boat load of people to the site that day).

As for your "childish" remark, I'd have to agree. I sit by many software engineers whose desks are cluttered with effigies of The Tick, Wallace and Gromit, and Batman. I personally have a bobble-head "Mini-Me" that a co-worker gave me as a going away present when I quit my last job.

Yeah, we're childish, but that's what makes this white collar job one worth doing. Most white collar workers are boring old farts whose biggest concern is making their golf-penis bigger.

boring old farts whose biggest concern is making their golf-penis bigger

And you'll never want to be one of them, right ?

In the immortal words of Mark Twain, golf is a good walk spoiled.

Lets not also forget, that in this example Vista is still pretty new and it isn't that big of a target, yet.

You think crackers will wait untill Vista is official released?

My guess is they will have gotten themselves a MSDN subscription and are investigating Vistas guts from day one.

Why?Because it's very likely going to be an attractive target.Lots of PC's installed with Vista.

You've always been able to set up restricted access in an NT system, always.

The technology never was the problem. The lack of computer savvy under the common computer owners is.

All Os's Linux, Windows, and OSX all lack features need for laptops. ATI is the biggest deal I see right now. The hell with viruses and trogens antivirus software installed.

Vista, but he expressed anger with competitors who embarked on noisy public campaigns to 'castrate' the operating system. This is all Bull-Shit!" System's new lockdown features, "Man kiss my ass with that shit!"

What did this have to do with my comment?

--bornagainpenguin (who was laughing at the ridiculous headline and not commenting at all about laptops)

//That said, I wouldn't let a 7 year old on a computer with no antivirus. //

I would.

That said, I wouldn't recommend anyone to use a Windows computer with an Internet connection and no antivirus.

That said, I wouldn't let a 7 year old on a computer with no antivirus.

Sorry, but if I had a 7 year old son or daughter; I sure as heck wouldn't be allowing him or her to use the computer without me supervising him or her, as to ensure that the curisosity doesn't get the better of them - regards to the interesting google results that may occur.

As for anti-virus; the record for them stuffing up more systems than actually protecting is demonstrated in the number of ISP callup's relating to Norton or some other company buggering up their computer - yes, I worked on a 'hell desk' and having dealt with the *wonderful* products that are Norton and McAfee; if I were Peter Norton, I'd be filing a paper for a name change.

For example, run Norton Anti-Virus 2006, and it causes setup utilities and applications to run haywire - they cause more harm that good, and whats worse, they now want us to pay for the *privilage* of getting updates! the cheek of that! its almost like a mafia racket; hype the virus alerts and bring in the cash through scaring the crap out of the uneducated public.

Prove it.

And for some reason I seem to remain virus free.

Weird.

That is not weird. That is just the result of responsible computer use.

The problem MS has to fight is PEBCAK. Problem Exists Between Keyboard and Chair.

You don't click christinaaguileranude.bmp.exe, but lot's of unknowledgeable computer users will.

//it is great that microsoft not only made windows more easy to use but,also more secured by, adding ASLR to windows vista. I guess ASLR will test the attackers mathematics skills and the ability to guess the target addresses. //

Microsoft are able to "push" certain software onto Windows machines (such as WGA).

If Microsoft can do it, then quite possibly so can other parties.

Not much of a test, really.

Lets just imagine a scenario off the top of my head. I'm a net nasty, and I have a nice-looking website with a link to a "cool" media file. When you click on the file ... Vista doesn't know the format, so it goes searching for a matching codec to install & run ...

... there are heaps of ways like this that are typically enabled to get things to run on a Windows system from an external source. Some external sources are not to be trusted.

Microsoft are able to "push" certain software onto Windows machines (such as WGA).

Once again, not true. See previous post.


Lets just imagine a scenario off the top of my head. I'm a net nasty, and I have a nice-looking website with a link to a "cool" media file. When you click on the file ... Vista doesn't know the format, so it goes searching for a matching codec to install & run ...

Windows Media doesn't automatically install non-Microsoft codecs (not sure it it does those anymore either). If it can't play a file, it will fail. It may then display a dialog allowing you to go find a codec manually. It does not automatically install one.

Please at least use Windows before spreading FUD about it.

Edited 2006-11-10 11:32