Linked by David Adams on Tue 22nd Jun 2010 16:14 UTC, submitted by sjvn
Privacy, Security, Encryption A Computerworld editorial takes note of some interesting changes Dell made to the Linux page we linked to last week. They watered down some of their pro-Linux claims, but not as far as you might think.
Order by: Score:
Comment by joekiser
by joekiser on Tue 22nd Jun 2010 17:28 UTC
joekiser
Member since:
2005-06-30

Looks like they reworded the article to champion the merits of using Ubuntu, whereas before the article was a biased comparison of Ubuntu against Windows. For example, the chart which previously compared Ubuntu applications to their Windows counterparts now only focuses on Ubuntu, and removes the faulty claim that OpenOffice.org is not available for Windows. In fact, the only mention of Windows at all is in the introductory paragraph, which explains what an operating system does.

I don't see this as bullying from Microsoft. If anything, the updated article is more streamlined due to its reduced scope (the merits of Ubuntu as opposed to an unrealistic comparison of Windows to Linux).

Reply Score: 4

RE: Comment by joekiser
by Bobthearch on Tue 22nd Jun 2010 20:23 UTC in reply to "Comment by joekiser"
Bobthearch Member since:
2006-01-27

Whoever wrote that first version was a doofus. Not only was it inaccurate, what company would post an open letter criticizing 95% of their own product line?

Reply Score: 3

RE[2]: Comment by joekiser
by flanque on Tue 22nd Jun 2010 22:25 UTC in reply to "RE: Comment by joekiser"
flanque Member since:
2005-12-15

Clearly it was someone who frequently posts on this site. ;-)

Reply Score: 2

v RE[2]: Comment by joekiser
by apexwm on Wed 23rd Jun 2010 12:57 UTC in reply to "RE: Comment by joekiser"
v Huhh???
by fithisux on Tue 22nd Jun 2010 19:27 UTC
RE: Huhh???
by Laurence on Tue 22nd Jun 2010 21:00 UTC in reply to "Huhh???"
Laurence Member since:
2007-03-26

"In fact, the only mention of Windows at all is in the introductory paragraph, which explains what an operating system does. "

When Windows became an Operating System? Syllable is more OS than Windows.


Windows NT environments have been an OS since day one.

What you're thinking about is the long time dead classic Windows line. Which is a very poor mistake to make on a site like this.

Reply Score: 2

RE[2]: Huhh???
by Zifre on Wed 23rd Jun 2010 01:28 UTC in reply to "RE: Huhh???"
Zifre Member since:
2009-10-04

What you're thinking about is the long time dead classic Windows line.

How the heck would old "Windows Classic" (I'm assuming you mean like Windows 3, 95, and 97) not be considered an OS?

As far as I know, being multi-user and network aware are not requirements for being an OS.

Maybe you are talking about Windows 1 and 2, which were mostly just shells on top of DOS? (Though I would still call them OSs.)

Reply Score: 1

RE[3]: Huhh???
by Laurence on Wed 23rd Jun 2010 02:37 UTC in reply to "RE[2]: Huhh???"
Laurence Member since:
2007-03-26

"What you're thinking about is the long time dead classic Windows line.

How the heck would old "Windows Classic" (I'm assuming you mean like Windows 3, 95, and 97) not be considered an OS?

As far as I know, being multi-user and network aware are not requirements for being an OS.

Maybe you are talking about Windows 1 and 2, which were mostly just shells on top of DOS? (Though I would still call them OSs.)
"

Oh for crying out load, what is wrong with people this week?

You've taken my comments out of context and I'm not going to get dragged into an off topic debate regarding the now largely irrelevant technical status of a 15 year old piece of software - particularly when this debate has already been done to death a million times on here.

All I intended my post to state was that the opening poster was idiotic to even question whether Win7 is an 'operating system'. It's pretty bloody obvious to anyone with even the slightest of experience in IT that Win7 is a OS.

So the only reason why I even mentioned the classic product line was because I suspected he was confusing NT with the classic line given the past countless debates on 3.x and 9x.

At no point was I stating my person opinion and nor shall I as it's completely irrelevant to the article.

Reply Score: 4

RE[3]: Huhh???
by kedwards on Wed 23rd Jun 2010 04:14 UTC in reply to "RE[2]: Huhh???"
kedwards Member since:
2009-04-25

How the heck would old "Windows Classic" (I'm assuming you mean like Windows 3, 95, and 97) not be considered an OS? As far as I know, being multi-user and network aware are not requirements for being an OS. Maybe you are talking about Windows 1 and 2, which were mostly just shells on top of DOS? (Though I would still call them OSs.)


Windows 1.X through 3.X are operating environments because they require DOS for system calls. Windows for Workgroups 3.11 can be considered either an operating system or operating enviroment(Microsoft marketed it as an operating enviroment) depending on the way you look at it. Though WFW 3.11 made its own sys calls it still needed DOS drivers for some devices like SCSI and CD-ROM.

Here are some articles that I posted in a previous thread a month ago on the subject.

http://en.wikipedia.org/wiki/Operating_environment
http://en.wikipedia.org/wiki/Windows_3.1x
http://pclt.cis.yale.edu/pclt/OPSYS/WFWG311.HTM
http://technet.microsoft.com/en-us/library/cc751413.aspx

Laurence was just generalizing to the OP because of his claim that Windows wasn't an operating system.

Reply Score: 1

Inaccurate
by malxau on Tue 22nd Jun 2010 21:10 UTC
malxau
Member since:
2005-12-04

You see Windows was designed as a single-user, non-networked operating system. That design is still at the heart of Windows, which is why security must always be an add-on to Windows.


This is not correct. "Windows" (1.0-3.11, 9x, me) was a natively single user product. NT (3.1-4, 2000, XP, Vista, Win7) remains natively multi user, and was always built for networks. The design of NT always included multiple users, multiple groups per user, flexible ACLs, fine grained privilege, and other concepts which Linux has been retrofitting.

Windows has been harmed by setup insisting that a user account must be created in the administrators group, which has led to people to run as an admin all the time. Running as root all the time is much more rare on UNIX/Linux.

Reply Score: 2

RE: Inaccurate
by cycoj on Wed 23rd Jun 2010 09:26 UTC in reply to "Inaccurate"
cycoj Member since:
2007-11-04

"You see Windows was designed as a single-user, non-networked operating system. That design is still at the heart of Windows, which is why security must always be an add-on to Windows.


This is not correct. "Windows" (1.0-3.11, 9x, me) was a natively single user product. NT (3.1-4, 2000, XP, Vista, Win7) remains natively multi user, and was always built for networks. The design of NT always included multiple users, multiple groups per user, flexible ACLs, fine grained privilege, and other concepts which Linux has been retrofitting.
"

Huh? Since when did multiple users, multiple groups per user and file privileges have to be retrofitted to Linux? Even ACLs are supported in most Linux/Unix systems, although you could argue that they have been retrofitted because the first filesystems might not have supported them. But your statement is about as false as the OP statement that Windows is a single user system with the everything else bolted on (actually that statement is probably more true, because it actually was true at some point, your statement not)

Reply Score: 2

RE[2]: Inaccurate
by malxau on Wed 23rd Jun 2010 10:20 UTC in reply to "RE: Inaccurate"
malxau Member since:
2005-12-04


Huh? Since when did multiple users, multiple groups per user and file privileges have to be retrofitted to Linux? Even ACLs are supported in most Linux/Unix systems, although you could argue that they have been retrofitted because the first filesystems might not have supported them. But your statement is about as false as the OP statement that Windows is a single user system with the everything else bolted on (actually that statement is probably more true, because it actually was true at some point, your statement not)


Multiple users was always native to UNIX/Linux. It was bad wording on my part if this was interpreted otherwise.

Multiple groups per user are a retrofit in AT&T Unix Version 6. I know this sounds prehistoric, but consider the consequences: each user has a 'primary' group, so multiple groups required the concept of a 'secondary' group. This distinction is important in many ways (see man newgrp for an example.) NT has no distinction: groups are arbitrary, users can belong to many or none. If a user is in many groups, none are special. In addition, privilege is determined by built in groups, meaning that many users can be administrators; there is no equivalent to a single root user.

ACLs are now supported in UNIX/Linux, but again, this is a retrofit. Support was added in Linux kernel 2.5.46, and many distributions backported these to 2.4. They are rather foreign to UNIX, which was designed around chmod style permissions. In NT, ACLs are the only security primitive used for files/registry etc. There is a chmod call in the C library on NT, but it is very different to UNIX as there is no primary group, so UNIX-style chmod would be meaningless.

When I said privilege, what I was referring to is not file permissions, but fine grained control over different system calls. In NT, a group might have permission to (say) shut down the system; debug other users processes; create paging files; create symbolic links; load drivers; lock physical memory; change the system time; perform system wide backup or restore operations; or permission to open leaf files (if permission is granted) without requiring permission on all parent directories. There has been a push to retrofit a similar concept into Linux (as part of moving away from a single root user), but I don't know the current status of it. Perhaps somebody else here can comment...?

Reply Score: 4

RE: Inaccurate
by coreyography on Wed 23rd Jun 2010 16:04 UTC in reply to "Inaccurate"
coreyography Member since:
2009-03-06

This is not correct. "Windows" (1.0-3.11, 9x, me) was a natively single user product. NT (3.1-4, 2000, XP, Vista, Win7) remains natively multi user, and was always built for networks. The design of NT always included multiple users, multiple groups per user, flexible ACLs, fine grained privilege, and other concepts which Linux has been retrofitting.


Maybe somewhat under the covers, but Windows until recently seemed targeted at only one *interactive* user. It took Citrix to show Microsoft how to do multiple interactive users in the first place, and many Windows apps today don't function well in a Citrix/WTS environment. The irony to me is that Microsoft knew this (and couldn't justify the higher cost of this approach to their desktop-only customers), so they promoted NT and its progeny as server OSes -- where the GUI is often not needed and is unnecessary fluff. Yet on Windows you cannot get rid of said GUI.

Windows has been harmed by setup insisting that a user account must be created in the administrators group, which has led to people to run as an admin all the time. Running as root all the time is much more rare on UNIX/Linux.


I still feel Microsoft has no one to blame but themselves for this. They should have made that clean break, enforced least-privilege policies, when they brought out NT. Those "fine-grained privileges" you mention above have been largely wasted for many years, and would still be if Windows had not become the poster child for malware.

All that said, (potentialy controversial statement coming right up ;) I think security- and capability-wise, Linux and Windows each have advantages over the other, but on balance they are pretty much equals. The biggest practical area where Linux/BSD trump Windows today IMHO is flexibility. You can make those OSes just about anything you want. With Windows, you pretty much get what MS gives you.

Reply Score: 2

RE[2]: Inaccurate
by malxau on Wed 23rd Jun 2010 23:08 UTC in reply to "RE: Inaccurate"
malxau Member since:
2005-12-04

...Windows until recently seemed targeted at only one *interactive* user.

Agreed. To put this differently, X is amazing technology in allowing multiple displays per machine, multiple users running multiple apps to different displays, one display rendering apps from different servers on different versions of different systems on different architectures. The people who designed X should be very proud of themselves - from a flexibility perspective, it's simply beautiful.

TS only recently implemented a "seamless" mode where applications render without a desktop, although Citrix has had it for a while. There's a lot more retrofitting to bring NT up to UNIX/Linux for networked application delivery.

Yet on Windows you cannot get rid of said GUI.

Have you looked at Server Core? It still has a GUI, but it doesn't have explorer et al.

"Windows has been harmed by setup insisting that a user account must be created in the administrators group...
I still feel Microsoft has no one to blame but themselves for this. They should have made that clean break, enforced least-privilege policies, when they brought out NT. "
Don't get me started. The sad part is that NT 3.1 insisted that you must create a low-privilege user as part of setup. Somewhere that idealism became derailed. I used low-privilege accounts on NT for a decade, and things generally work; I blame XP for trying to "dumb down" NT, which in turn allowed developers to be less vigilant.

The biggest practical area where Linux/BSD trump Windows today IMHO is flexibility.

Agreed. Sometimes it requires more knowledge, but when you have that knowledge, it allows more possibilities.

Reply Score: 1

RE[2]: Inaccurate
by lemur2 on Thu 24th Jun 2010 01:31 UTC in reply to "RE: Inaccurate"
lemur2 Member since:
2007-02-17

"Windows has been harmed by setup insisting that a user account must be created in the administrators group, which has led to people to run as an admin all the time. Running as root all the time is much more rare on UNIX/Linux.
I still feel Microsoft has no one to blame but themselves for this. They should have made that clean break, enforced least-privilege policies, when they brought out NT. Those "fine-grained privileges" you mention above have been largely wasted for many years, and would still be if Windows had not become the poster child for malware. All that said, (potentialy controversial statement coming right up ;) I think security- and capability-wise, Linux and Windows each have advantages over the other, but on balance they are pretty much equals. The biggest practical area where Linux/BSD trump Windows today IMHO is flexibility. You can make those OSes just about anything you want. With Windows, you pretty much get what MS gives you. "

I'd disagree only only one point. The biggest practical area where Linux/BSD trump Windows today derives IMO from the fact that for well over a decade, for whatever reasons, the concerted effort of malware authors has been targetted almost exclusively against Windows. The vast library of malware payloads and malware techniques has evolved over that decade along with Windows.

Today, the vast body of malware is effectively impotent when one uses systems other than Windows. Almost without exception, malware is not only targetted at Windows, it depends upon Windows.

One might be able to argue a case that "capability-wise, Linux and Windows each have advantages over the other, but on balance they are pretty much equals" ... but that simply cannot be argued security-wise as a whole. The actual malware corpus itself demands that it cannot be so argued.

Edited 2010-06-24 01:32 UTC

Reply Score: 2

RE: Inaccurate
by drcoldfoot on Thu 24th Jun 2010 13:06 UTC in reply to "Inaccurate"
drcoldfoot Member since:
2006-08-25

No Sir,
The article was spot on. Windows Desktop line is not multiuser. Unix/Linux is multiuser by design. You can loggin as differnet simultaneous users, each running their own desktops, run apps,scripts, scheduled jobs, etc.

Reply Score: 1

RE[2]: Inaccurate
by ssa2204 on Thu 24th Jun 2010 13:34 UTC in reply to "RE: Inaccurate"
ssa2204 Member since:
2006-04-22

No Sir,
The article was spot on. Windows Desktop line is not multiuser. Unix/Linux is multiuser by design. You can loggin as differnet simultaneous users, each running their own desktops, run apps,scripts, scheduled jobs, etc.


This has nothing to do with the architecture of the OS you twat, it is a licensing issue. People figured out a long time ago how to bypass this.

Reply Score: 3

From the article ...
by WorknMan on Tue 22nd Jun 2010 22:26 UTC
WorknMan
Member since:
2005-11-13

Besides, at the Internet server level, Linux is already as popular as Windows. Google, Yahoo, Facebook, all the top Internet sites, except the ones owned by Microsoft, run Linux. If a hacker really wanted to score big, would you want to crack some guy running Windows 7 or Google?


The problem with this logic is that the person running the server is a lot less likely to be on some random P2P network, downloading all kinds of pr0n and warez onto the machine running the server.

You see, it's a lot easier to attack someone who is actively running your malware on a machine with no anti-virus or spyware protection, without any prodding on your part.

Reply Score: 4

RE: From the article ...
by UltraZelda64 on Wed 23rd Jun 2010 03:08 UTC in reply to "From the article ..."
UltraZelda64 Member since:
2006-12-05

The problem with this logic is that the person running the server is a lot less likely to be on some random P2P network, downloading all kinds of pr0n and warez onto the machine running the server.

You see, it's a lot easier to attack someone who is actively running your malware on a machine with no anti-virus or spyware protection, without any prodding on your part.

And even if they were...? Linux still has far fewer pieces of malware written for it than Windows ever did. Windows even had a nice little boost in the early days thanks to its compatibility with another horrible OS, MS-DOS.

Linux has no "binary backwards compatibility" or "legacy poor-security garbage design" to stick to. At least, not nearly to the extent Microsoft products do. And it has no real, market-driven (commercial) reason to.

Edited 2010-06-23 03:17 UTC

Reply Score: 2

RE[2]: From the article ...
by WorknMan on Wed 23rd Jun 2010 03:22 UTC in reply to "RE: From the article ..."
WorknMan Member since:
2005-11-13

And even if they were...? Linux still has far fewer pieces of malware written for it than Windows ever did.


Well, Linux doesn't have that much malware written for it for the EXACT reason that these kinds of users largely don't exist on the Linux platform. Why write malware for dumb users to install, if dumb users aren't using the platform? By and large, dumb users don't run servers, so the popularity of Linux as a server platform is irrelevant when comparing how much malware exists for Linux vs Windows.

I have little doubt that if Linux / Windows had an equal amount of dumb users behind the wheel and an equal amount of malware written for them, there'd probably still be more exploits on Windows, but Linux wouldn't exactly be immune either.

Reply Score: 3

RE[3]: From the article ...
by UltraZelda64 on Wed 23rd Jun 2010 03:43 UTC in reply to "RE[2]: From the article ..."
UltraZelda64 Member since:
2006-12-05

Whatever the case, the reality remains the same. Windows has always been, and still is, the low hanging fruit--ever since it took over DOS' market share. And it has traditionally been poorly designed, just like its pathetic predecessor. Coincidence? Not saying that Linux or any other OS for that matter is perfect, but if I were to be browsing porn, you could be damn well sure I'd be doing it on any mainstream OS *besides* Windows.

It's like wearing a rubber... the viruses may possibly be there, but you're less likely to "send" or "receive" them and become infected. Windows at one point offered the protection of nothing at all, but now I'd say it offers the protection of a cheap, generic type of condom. Meanwhile, Linux and BSD have proven themselves over and over, while Windows' nuts and bolts (heh heh) were finally tightened to a more acceptable level with Vista.

Edited 2010-06-23 03:45 UTC

Reply Score: 2

v RE[3]: From the article ...
by lemur2 on Wed 23rd Jun 2010 05:56 UTC in reply to "RE[2]: From the article ..."
RE[4]: From the article ...
by nt_jerkface on Wed 23rd Jun 2010 07:01 UTC in reply to "RE[3]: From the article ..."
nt_jerkface Member since:
2009-08-26

For example, Google runs a million Linux servers, and Linux runs the London Stock Exchange.

Yet there exists very little malware which targets Linux, despite the high value of many of the target machines.


That says nothing about what value those websites are to malware writers. It's effort/profit that matters to them, not actual server value.

Malware writers are mostly criminals that want to make a few million and cash out. Trying to break into a Google farm or stock exchange is an extremely difficult and risky proposition.

When there are millions of Windows users that download random crap from p2p networks and keep updates off there is no contest when it comes to which target will provide the best effort/profit ratio.

Reply Score: 3

v RE[5]: From the article ...
by lemur2 on Wed 23rd Jun 2010 11:28 UTC in reply to "RE[4]: From the article ..."
RE[6]: From the article ...
by lemur2 on Wed 23rd Jun 2010 23:53 UTC in reply to "RE[5]: From the article ..."
lemur2 Member since:
2007-02-17

In their day-to-day use of the Internet, ordinary Windows users face at least 10^7 (ten million) times the risk of getting malware than the same users would face if they were running Linux.

This fact is self-evident, it is an absolute no-brainer.

Actual malware infection rates back this up to the hilt.


Why did this get modded down? It is a plain, straightforward, demonstrable fact.

Here is a security firm's estimate of infection rates (it is unstated, but this is basically for Windows PCs):
http://gorumors.com/crunchies/malware-infection-rate-worldwide/

If accurate, that represents literally billions of malware-infected Windows PCs. Billions of times as many infections as any other kind of machine. (Microsoft would put the infection rate much lower, but that just changes it from 'billions' to 'hundreds of millions'). By induction, it is relatively easy to conclude that essentially all of the effort of malware perpetrators is directed at the Windows userbase target.

Regardless of the reasons why this is so, it still is so. It is the fact.

An ordinary user of Windows, demonstrably, clearly, undeniably, faces many orders of magnitude greater risk of getting a malware infection than does the same user running Linux.

Apprently, there are some Windows supporters out there having a very hard time facing this fact.

Apparently also, as perhaps evidenced by the Dell website re-wording, it is a straightforward fact that some parties do not want people to be aware of.

Edited 2010-06-23 23:55 UTC

Reply Score: 2

RE[7]: From the article ...
by testman on Thu 24th Jun 2010 03:55 UTC in reply to "RE[6]: From the article ..."
testman Member since:
2007-10-15

Apprently, there are some Windows supporters out there having a very hard time facing this fact.

Showing the metrics behind your figures and substantiating them with hard evidence makes your post informative.

Stacking multiples of a million based on cherry-picked facts and arguments makes your post look like trolling.

Why did this get modded down? It is a plain, straightforward, demonstrable fact.

Toughen up, princess.

Reply Score: 3

RE[2]: From the article ...
by nt_jerkface on Wed 23rd Jun 2010 06:40 UTC in reply to "RE: From the article ..."
nt_jerkface Member since:
2009-08-26


Linux has no "binary backwards compatibility" or "legacy poor-security garbage design" to stick to. At least, not nearly to the extent Microsoft products do. And it has no real, market-driven (commercial) reason to.


Malware that is injected into warez is not taking advantage of backwards compatibility. It has nothing to do with "legacy poor-security garbage design" either. There is no isolation layer within Linux that would protect it from a trojan injected into an executable.

If Linux users were the majority and millions of them were carelessly downloading crap from unverified sources then you would have far more trojans like the one in the Unreal IRCd.
http://www.jfplayhouse.com/2010/06/trust-us-that-linux-trojan-is-no...

Malware today is mostly the product of computer criminals within Eastern Europe looking to profit, not from pricks who are looking to hack for the sake of it.

Edited 2010-06-23 06:47 UTC

Reply Score: 4

RE[3]: From the article ...
by soulrebel123 on Wed 23rd Jun 2010 07:03 UTC in reply to "RE[2]: From the article ..."
soulrebel123 Member since:
2009-05-13

differences you are not accounting for:
- Linux needs a lot less external, untrusted, binary-only software.
- AppArmor and SeLinux are ready. Should desktop security become a problem we would see a hell of an isolation layer.
- Differences in kernels, compilers, libraries, etc, would make it much harder for malware to spread.
- Linux users are much more skilled

Yes, if linux had 80% of the user base, there would be more security problems. Probably a tenth of what Windows has right now.

Reply Score: 2

RE[4]: From the article ...
by nt_jerkface on Wed 23rd Jun 2010 09:10 UTC in reply to "RE[3]: From the article ..."
nt_jerkface Member since:
2009-08-26


- Linux needs a lot less external, untrusted, binary-only software.

If Linux became popular then users would want the same binary software they are downloading in p2p sites. They wouldn't accept The Gimp and Tux Racer. Hackers would also focus on penetrating trusted channels, which wouldn't be difficult if you know how lax some open source projects are when it comes to allowing outside contributions. The "many eyes make it secure" is a myth. There are plenty of projects where only the authors understand how their respective parts work. It also wouldn't be hard to become a trusted package maintainer and insert it that way.


- AppArmor and SeLinux are ready. Should desktop security become a problem we would see a hell of an isolation layer.


Oh ok explain how either will stop a trojan injected into a game that the user gave permission to access the internet.


- Differences in kernels, compilers, libraries, etc, would make it much harder for malware to spread

Oh so Linux not being a single platform is a virtue now. I guess I'll give you the de facto response which is that you can target most users by just focusing on the top two distros.


- Linux users are much more skilled

This again says nothing about how secure Linux actually is.


Yes, if linux had 80% of the user base, there would be more security problems. Probably a tenth of what Windows has right now.


If everyone running Windows had 7 or Vista installed with updates turned on along with an alternative pdf reader installed then security problems would also be a fraction of what they are today.

Windows users are an easy target thanks to so many of them running outdated software. There are GUI hacking kits for websites that scan the user agent id and then attempt to exploit known vulnerabilities. That's how bad the situation is and if around 10% of the world population was running an unpatched version of Linux from 2001 then you would see the same type of tool kit. Unless you want to tell me all those Linux kernel patches weren't actually needed thanks to some automagical security protection that many of its users seem to think exists.

Reply Score: 7

RE[2]: From the article ...
by bert64 on Wed 23rd Jun 2010 08:42 UTC in reply to "RE: From the article ..."
bert64 Member since:
2007-04-23

On the other hand, Linux has source code backwards compatibility going a lot further than windows... Applications written for early unix systems can often compile and run successfully on a modern linux box.

Most linux malware is in the form of backdoored services that are intended to be manually installed and used by a hacker, whereas windows malware is typically automated because few hackers would manually target windows machines - their only value is in large hordes for ddos/spam purposes.

Reply Score: 2

RE[3]: From the article ...
by nt_jerkface on Wed 23rd Jun 2010 09:20 UTC in reply to "RE[2]: From the article ..."
nt_jerkface Member since:
2009-08-26

On the other hand, Linux has source code backwards compatibility going a lot further than windows... Applications written for early unix systems can often compile and run successfully on a modern linux box.

You mean command line utilities that can also be compiled and ran in cygwin. Anyways source code backwards compatibility doesn't mean much to users.

whereas windows malware is typically automated because few hackers would manually target windows machines - their only value is in large hordes for ddos/spam purposes.


What?????? Never heard of identity theft, password theft, file extortion, anti-malware extortion????

Reply Score: 3

v Microsoft's hands on Dell's throat
by apexwm on Wed 23rd Jun 2010 13:02 UTC
UltraZelda64 Member since:
2006-12-05

The problem is, this statement came too late. There would be absolutely no denying it if this were still the XP era. The problem is, Microsoft really did clamp down on the security starting with Vista, so such statements are harder to be proven. The first Windows version worthy of replacing XP (Windows 7) is out, so it's a few years late. I will still trust an OS with a long reputation for being relatively safe and well-built, over an OS originally conceived as a toy by a bully monopolistic company, who always places their users' security well below their bottom line in terms of importance. But other OSes no longer have such a noticeable, distinct security advantage compared to the latest versions of Windows.

It's sad how long a piece of software holding a monopoly on the market can go being so insecure, before the company finally gets off their asses and does something about it. Too blinded by $$$ and afraid to hurt their stock prices and piss off their stock holders, apparently.

Reply Score: 2

lemur2 Member since:
2007-02-17

But other OSes no longer have such a noticeable, distinct security advantage compared to the latest versions of Windows.


This is not true, for the following reasons:

1. Windows has indeed made great improvements in security over what it once was, but so too have vast improvements been made in the sophistication of the threats against Windows.

2. There has been virtually zero energy, inventiveness, resourcefullness etc of malware authors directed at targets other than Windows. Windows always has been, and is still, the prime target.

3. Other systems have likewise improved security over time.

4. Windows strives hard to maintain binary backwards compatibility. This means that virtually all of the malware payloads ever written will still run on recent versions of Windows. The only bit that has been made in any way slightly more difficult is getting the malware payload installed. Ubiquitous Windows applications such as Flash and Acrobat are now being targetted as well as the core Windows OS to get around this problem.

Although the core Windows OS is indeed a bit more hardened in Windows 7 than it was prior to Vista, there has been only a partial reduction in the risks faced by ordinary users running Windows.

The malware "industry" is effectively dependent on Windows, in a kind of parasitic way. It has evolved with Windows. Like most parasites, it has almost no carry-over to other "host species".

Edited 2010-06-24 00:18 UTC

Reply Score: 2