OSNews

It does make the patches available regardless of a valid product key. I will install all updates via automatic updates (just not windowsupdate.com). You can't get all the new optional stuff (WMP, etc) but, all security updates will be received though.

Edited 2007-03-22 16:45

Ya'll can try http://www.autopatcher.com It's an offline system update website.

That's Microsoft Bob they were talking about!

Please, you almost made me spit my coffee all over my LCD screen. How about a little warning next time. :-)

It is linux that is not an OS. It's only a kernel.

Ah ok. Let's apply the same logic to it all then...Windows isn't an operating system. Windows 98, ME, 2000, XP etc are. But not Windows.

See, I can nitpick as well!

Anyways, how did Microsoft get away with trademarking a common word, which is supposedly illegal to do?

Dave

Wow. And people say I'm capable of hate!

Dude, you so hit the nail on the head with that one! I can't remember the amount of times I was called in to flush out a bug ridden system only to find the real problem was a Symantec product. Man, those guy's deserve every word of your rant!

Agree with you entirely re. Symantec 'security' products.
- add McAfee to that list,too.

As soon as either is uninstalled and the computer rebooted,
some semblance of efficiency returns.
Run a cleaner or two,as well,
and things get better again
as you start to clean out the 'tar' mentioned earlier.

Yes..it dismays me when I hear ppl say
how they just went out and bought,
i.e. pd.ca$h for, Norton This or That.

They turned Norton Antivirus into a flaming pile of shit.

Norton Internet Security was BORN a flaming pile of shit.

actually... NIS was another product gobbled up and destroyed by Symantec. Long long ago in the before time there was an awesome little firewall... @gate firewall.

I was going to vote your score higher, but it's already maxed out.

Norton's utilities were good, but I cannot recommend any of them.

You can't shut off Ghost.
Their firewall crashes often.

The whole concept of a security center, or an anything center is a waste of memory and processor time.

Marketing people should not design software!

They survive for the same reason Windows is the dominant OS, not because it is better, but because it is what people have come to know. As an example, I was in Staples yesterday and one of the sales people was helping a ldy with AV software. She insisted that she had to have Symantecs AV, I refuse to call it Norton's as I think he is probably as disgusted with the product as I am, and so that is what they sold her.

As a side note, I beta tested for many years for Syamntec and I have to agree that they have taken many a good product and turned it into crap. Quite frankly, I would take anything coming out of there with a whole shaker full of salt. Given the conditions of the test the results are actually pretty accurate. The same test could be set up in such a way that Windows 98 comes out on top.

Yes.

" I would *rather* see more patches,
because that means that the vendor is finding bugs and holes and actually fixing them." - you say...

and you're right!
No-one ever made a perfect OS and didn't have to patch it.
Not MAC, not Linux, no-one.

And yet we somehow continue to pretend or expect
that somehow the next flashy OS to come out will be 'perfect'
and never need patches.
What is it? a freak?

"The fact that a Microsoft system won't last a week without a good anti-virus program..."

Since when was that a fact? I've run many versions of Windows for years without ever touching an antivirus program. And I've never had a problem. A firewall is the key.

Yeah ?

And your bot-netted zombie machine has been sending me spam for years....

Windows users should run a virus scanner by default... just in case.


Firewalls are not the key. Malware authors know what port 80 is for, and they use it.

Since when was that a fact? I've run many versions of Windows for years without ever touching an antivirus program. And I've never had a problem. A firewall is the key.

What exactly are you people doing? Seriously, I don't use a virus-scanner for exactly the reason people say, i.e. there are none available anymore that don't eat 90% of CPU time just because they can. Likewise, I don't use any firewall software because it makes everything a giant hastle and, again, wastes memory and CPU time...

Now, I run a random virus check about once a month, I've never once been infected. I run spyware/adware checks, never have a damn thing pop up...

Admittedly, I turn off any windows services I don't actually need (all but 4 of them are unneeded, 8 if you do really weird things) and restrict anonymous access (gets rid of SMB exploits, etc., only takes changing a 1 to a 0 in the registry), but these are things you all certainly do since it takes about 30 seconds to complete?

At what point do you suddenly need anti-virus software and firewalls? o.O Yes, I know for "ideal" security you install them, but I've never once seen any benefit from them, and I'm online all friggin day long.

I mean, come on, I use cable-access internet in a city of 580,000 people (read: horribly insecure) and still don't have any odd problems.

That leaves, uh, apple?

OSX only counts if you count open-source software as commercial software.

In other words, if you don't, then it amounts to:

"Microsoft [Windows] is the only widely available commercial OS. Microsoft [Windows] is the most secure widely available commercial OS."

I suspect even Homer Simpson could work out that sentence 2 in the above follows inexorably from sentence 2, without any reference whatsoever to other OSes, good or bad.

Oh, and by the way: Most of the stuff Apple builds on top of its OSS OS is proprietary.

In other words, if you don't, then it amounts to:

"Microsoft [Windows] is the only widely available commercial OS. Microsoft [Windows] is the most secure widely available commercial OS."

I wasn't saying Windows was the only serious commercial OS. I was just contesting that OSX was.

Actually, it even leaves out Apple since it says"widely available commercial OS". I can positively state that Windows is not more secure than OS X as I have used both. :-)

Just because you've used both means that OS X is more secure than Windows? Perhaps you didn't know how to keep your Windows box secure? When was the last time you used Windows? OS X? The fact you used both does nothing to convince me.

Now I have administered both XP and OS X, and I have found that it is not too hard to keep a Windows box safe. Firewall, spyware scanner, and a good(read not Norton) AV package. after that, they are both pretty secure. The real secret is not to let your users run as admin, but we all knew that.

Users running as admin is the REAL security problem with Windows, you really don't need a spyware scanner if you run as a normal user, and probably could get away with out AV software too, but I'm too chicken, lol

Oh come off it. Can Windows be run without getting infected? Yes, I have done it. I used to beta test for Symantec AV and I used live virus files to do it. (They about had a fit when they found I was testing the product against live virus files, BTW).

I can definitely state the OS X, (and Linux and BSD for that matter), is more secure than any of the Windows OS's I have run, (except Vista and since I haven't run that I can't comment on it). I can secure a Mac and a Linux/BSD machine in a matter of minutes. To get the same level of security in Windows takes a lot longer. And that is why most people will never properly secure their Windows machine. They don't know how and even if they did they would not want to take the time required.

Linux/BSD and OS X are far more secure out of the box than Windows. All of them can be made more secure, but at this time only with Windows is is absolutely essential that you do so. I would never hook any computer straight to an always on connection regardless of the OS running on it. But a lot of people hook Windows up that way. So yes, Windows is less secure by default.

Yes, you are right, which is what I said. But the reason it is so insecure is that everyone runs as administrator, take that away, and a lot of the exploits through IE, for example, would no longer work.

"You are about to release a heavily-biased 'security' study which will be widely criticised and derided by independent researchers:

Confirm or deny?"

We often disagree on some topics but I have to say I am in full agreement with you on this one!

Of course, I mean "Cancel or allow?"

Yes, talk about misleading.

OS X is given is lower rating because they took an average 66 days compared to MS's 58 to patch. Then in the next sentence they say only 1 was critical on OS X and 12 were critical on Windows. We'll I guess getting a fix 1 week faster on average is more important than having much less critical flaws. 8-)

Microsoft - 58(days) x 12(vulns) = 696

Apple - 66{days) x 1(vuln) = 66

So Microsoft must be more secure - right? It's a bigger number!

:}

If you just read past comments you'll see that kind of question is already said.

I've been reading through comments here, and I've come to one conclusion. No one commenting has an open mind at all. This is not specific to this thread or topic either. The only reason that you are even reading these posts and comments are to reconfirm your own per existing beliefs. If something does not conform to your beliefs it would not matter how much actual data is presented, the basis for the articles conclusions would be in error. Everything you are reading you are filtering based on the flawed logic that all your current beliefs are 100% fact. I'm sure I don't have to tell you how stupid this makes you appear.

Nice rant. Unfortunately for you, no matter how biased we are or you accuse us of being, that won't change the fact that this study is deeply flawed, and is going to be seen widely as being so.

The question is did you read the article it is heavily bias again the numbers show that 1/2 of all windows vulnerabilities were high risk. Number 2 if we are comparing OSes we need to eliminate the the opensource projects and focus on Linux the OS which is not what these studies take into account.

The problem is that the need to look at Linux, Linux is not Openoffice, it is not apache, those are applications installed just as Nero is not windows however they do not split those vulnerabilities out, because of either bias or lack of knowledge.

Need I remind you that the bugs in the Month of Apple bugs included things like VLC which is a add on program not a OS.

Everything you read, hear, say, write etc. is subject to influence and bias based on your culture, experience, interests, etc. That is the nature of being human - while we can strive to be objective, it is naturally difficult to do so.

Using our personal biases to denounce our ideas outright is not a very effective form of arguing. You would be listened to by other here if you can try to find fault in the arguments presented in this thread, not faults in the people who post them - like I pointed out, we all have our biases, even you.

Honestly, did you really expect anything else?

As if you hold the Holy Grail of Truth in your hands.

Ahahah.

Exactly right, sir!

I've been reading through comments here, and I've come to one conclusion. No one commenting has an open mind at all. This is not specific to this thread or topic either. The only reason that you are even reading these posts and comments are to reconfirm your own per existing beliefs. If something does not conform to your beliefs it would not matter how much actual data is presented, the basis for the articles conclusions would be in error. Everything you are reading you are filtering based on the flawed logic that all your current beliefs are 100% fact. I'm sure I don't have to tell you how stupid this makes you appear.

Lol, what are you confused about?
I have an open mind, unfortunately Windows has too many open holes so it's more of a swiss cheese than an operating system.
And what you term as a belief I call first hand experience.
I guess you never experienced having Windows powned by a warm 2 minutes after a fresh install.
Well, I have experience that, so my "belief" is based on personal experience.
I don't think some ridiculous study will change my "belief" based on years of personal experience.
Good analogy:
I get burned by fire. From then on I don't just believe that fire will hurt me. I KNOW that fire WILL HURT me.
And no matter how many times someone will tell me that it's ok to put my hand in a fire, I know better (from experience).
Besides, even comparing a toy os like Windows to heavy duty os's like HP Unix or Solaris that run big iron servers with uptime and reliability Windows can only have wet dreams about, is ridiculous.
Basically Symantec is sucking up to Microsoft because without Windows they have no product to sell.

I don't know about you, but I've run many computers with no problems on WinXP SP2 without any antivirus, and only using windows builtin firewall. I admit. before SP2 it was different story, but after their fixes with it, I've been running all my systems stable leaving them on and online for months at a time. Rock solid.

I'm not dissing other OSs either, if you want mac or linux that's great. I just don't see the point in tearing down a product, when the development of it has been steadily improving. Microsoft is doing better, and responding to problems faster, they should be commended for their improvment.

I admit. before SP2 it was different story, but after their fixes with it, I've been running all my systems stable leaving them on and online for months at a time. Rock solid.

I worry about people who feel the need to tell us how they've left their XP, SP2 no less, machines on and connected to the internet for months and months. And then they add the ubiquitous 'rock solid' statement at the end.

"I worry about people who feel the need to tell us how they've left their XP, SP2 no less, machines on and connected to the internet for months and months. And then they add the ubiquitous 'rock solid' statement at the end."

Why do you think we have all these trojans and viruses floating around? :-)

Like the almighty coming down to scold us you tell us how we are all bias because we point out an article that shall we say, uses creative interpretation of facts to make a point. (Windows being most secure OS) Obviously some people are gonna bash MS no matter what, but many of us are a little more knowledgeable and able to understand the problems with that article.

Then you use your OWN bias to tell us you have no problems with Windows security, hence it must be OK. I hear people use this all the time as an argument. Obviously a single case cannot prove a statement, only disapprove one.

That fact that many of us make a living based on Windows problems indicates that there are indeed true issues. Some will argue its secure, but the users does things to make it vulnerable; than that is a design flaw in the OS to allow users to do that or to make a condition where users would want to do it. (If the LUA dialogs are so annoying that it causes people to turn it off, that's a design flaw.)

I don't care what OS anyone uses, but there is so much BS floating around end users can't make a truly fair, informed decision, and that is what this whole argument comes down to. Most people won't read that article, they'll just see that headline and take it for truth and pass it on. Be nice if end users were more informed, but they won't be, history shows people just follow the leader. (ex. MS, Hitler, Tattoos, fashion.)

If it wasn't for competition and users who questioned articles like this, don't kid yourself, whether Apple, MS, Sun or IBM, they wouldn't be making these improvements that even you acknowledged. (or they would be a lot slower.)

With any operating or security system, the largest security hole is the user. With the human element it is imposible to make something completly secure. This is why large companies have employees educated on security concerns and best practices. You see comercials about how information is the anti-drug, well I would say that information is the best anti-virus as well. I don't feel that the answer to security problems is to add more and more restrictions to the user, just educate them.

BTW, I was not supporting or denying the thread topic. My original post was just pointing out what I've been seeing any many threads, finally decided to say something about it.

"Basically Symantec is sucking up to Microsoft
because without Windows they have no product to sell.

- and any anti-Symantec sentiment expressed here
is due to experience and the school of hard knocks,
not becoz we simply feel like trashing Norton and Co.

In my early (Mac) days, Norton was a decent utility
that pulled me out of my first few system crashes,
and I admired and appreciated it greatly..
but over the years it just got bloated and overbearing,
ripping off clock cycles like it paid for the computer
and generally earning itself a bad/unpleasant reputation!
Argue with that.
- but you can't, coz everyone has had pretty much the same experience
over the last 10 yrs. or so.

Dude, the real question here is not why some people are being a bit overzealous in calling foul on an operating system that has consistently had more security holes than a piece of swiss cheese for over a decade running, backed by a company engaging in court-proven illegal business practices, communicating lies and half-truths to it's customers, and interfering with democratic processes around the world.

The real question is, what the hell posesses someone like you to donate their time to defending such an entity?

I like the teaser to this article, in which it claims that Symantec is no friend of Microsoft. While Symantec may no agree with everything Microsoft does, I ask you how Symantec could not be friends with Microsoft when they are a Microsoft vendor and make all their money selling Windows products.

Question of the Third Millennium!

George Bush to head Greenpeace.

LOL.

"SCO code found in Window Kernel source, Darl McBride to replace Ballmer."

Oh crap, don't give them any ideas.

That's what I understood too... MS has the smaller number total BUT the highest of severe ones...

/LOL

Hum... let me see i spend at least a day every week removing virus and spyware from costumers pc's... and with my mac, my linux server and my solaris server i spend... oh wait... i dont... so the logical conclusion: windows is more secure... oh yea... (i know im not using numbers to sustent my post, but this is my experience)

Just curious... but can anyone here actually list a single virus of spyrware/adware instance that affects OS X, Linux, or Solaris? (yes, I know, theoretically there has been that one virus on OS X, etc, but really, without a google search can you list something?)

Yeah, Microsoft needs to stop hiring interns to make their software, no argument here against that... but virus occurrence in comparing Windows to three systems where viruses don't actually exist is sort of... not relevant to anything, security or otherwise?

Also, unlike your customers, I assume you are not a retarded monkey... you could likely use windows with the same results (I spend all day cleaning other peoples PCs but never have to clean my own becayse I don't do stupid crap with it)

I was just thinking the same...

Well posted. Would have been even better to state the number of severe threats etc in each case as well, to show that GNU/Linux has fewer. Time to patch data would have been good as well. I know I can go and hunt this data down, but I'm lazy. Good work.

Dave

{Hackers have shifted their focus away from the OS and are now using vulnerabilities in the apps that are installed on the OS. e.g Word, Excel, IE as these products will be trusted by the firewall and allowed to access the internet.

Brutal assaults on the OS are no longer necessary. Now it's the apps turn to feel the heat. So the OS can be as "secure" as ya'll wanna say but it won't mean diddly squat if you are using buggy, vulnerable programs on it. It'll get "owned" if the right measures are not taken. And there is the slight chance of a zero-day exploit doing a number on you. }

If you are a "black hat" person wanting to write an exploit so that you can "own" a system, you might use an application as a route to get your exploit code installed onto the target system, but the exploit code itself has to target the OS, not applications.

It isn't much use "owning" a system only when it happens to be running Powerpoint, for example. To be useful, you must "own" the system full-time. That means "owning" the OS itself.

Black hats may be targetting vulnerabilities of applications in order to gain access into systems (ie, to get past firewalls as an example you gave), but that does not mean that "Hackers have shifted their focus away from the OS".

BTW, on Windows systems, black hats do not have to rely on particular applications being installed in order to have potential holes in firewalls. Microsoft have built in several nice holes deliberately ... WGA checks, Windows update, remote desktop, online help, DRM checks, new codecs ... there are already quite a few exploitable holes pre-installed on Windows systems without any applications at all!

Edited 2007-03-23 02:20

Er. Yes and no. Malware commonly uses the fact that certain applications are trusted by the firewall to get around it. But most of the time malware isn't actually using an exploit in the app. Rather it's using a rather bad design decision on Windows named:

CreateRemoteThread

http://msdn2.microsoft.com/en-us/library/ms682437.aspx

On linux we have equivalent posix functions.

On both systems you need to have the correct privileges to open the process.

The difference? On Windows, the user often has those privileges, on linux, not as much. And SeDebugPrivilege.

SO if you want your threat to ensure the only way that you can be deleted is with a reboot, you inject into System.

If you want to get around the firewall, you inject into IE.

You don't need to exploit anything.

Edited 2007-03-23 03:16

Actually, what you are saying is not a bug, it's just that when you run Windows as an Admin, it allows you to run CreateRemoteThread. You are exploiting something, but it is not a bug, it's a problem with the defautl settings, and a problem with the culture of Windows users.