Linked by Thom Holwerda on Sat 27th May 2006 17:26 UTC, submitted by Ricus
Windows "Windows Vista Beta 2 includes a new defense against buffer overrun exploits called address space layout randomization. Not only is it in Beta 2, it's on by default too. Now before I continue, I want to level set ASLR. It is not a panacea, it is not a replacement for insecure code, but when used in conjunction with other technologies, which I will explain shortly, it is a useful defense because it makes Windows systems look 'different' to malware, making automated attacks harder." On a related note, Microsoft is having difficulties in reaching parity between the 64bit and 32bit version of Vista concerning the amount of drivers shipped.
Permalink for comment 128545
To read all comments associated with this story, please click here.
RE[2]: Great...
by Gullible Jones on Sat 27th May 2006 21:08 UTC in reply to "RE: Great..."
Gullible Jones
Member since:
2006-05-23

MAC not implemented by default in any form in common distros. Protection against forkbombs via PAM not used by default in any distros I've seen. PaX barely used by anyone, not stable with current kernels on architectures other than x86. Buffer overflows all over the place - VMS and several UNIXes have measures against those.

I'm not saying that Linux is a badly designed kernel, or that distros are poorly designed, or even that Linux is insecure; I just think that kernel devs and (much moreso) distro maintainers need to realize that Linux can have security issues, and will have more as it gets more popular. Developers aren't just sitting there, sure, but I think a bit more needs to be done than just patch up vulnerabilities - innate measures against more common types of vulnerabilities (e.g. buffer overflows) are a good idea.

(BTW, while we're at it... Why do all criticisms of Linux get modded down? Trollish "zomg linux sucks" ones deserve it, but it seems to me that criticisms which don't constitute trolling lose points very often.)

Reply Parent Score: 5