Linked by Thom Holwerda on Tue 10th Nov 2009 09:31 UTC
Last week, security vendor Sophos published a blog post in which it said that Windows 7 was vulnerable to 8 out of 10 of the most common viruses. Microsoft has responded to these test results, which are a classic case of "scare 'em and they'll fall in line".
Let's be more specific
by twitterfire on Tue 10th Nov 2009 16:02 UTC

I'm a programmer. I used to write some quick'n small malware just for fun. I have friends in my country who are working for big antivirus solutions - RAV - now MSSE - ex GECAD, now Microsoft - BITDEFENDER. I even have friends in the underworld. And everybody agrees on that: writing worms targeting Windows is like trying to target FreeBSD's jail. Not undoable, but hard like hell.

Back in the happy days of Windows XP SP1, it was a breeze writing worms which propagate like the plague on Windows machines. But with the new security models, writing malware is much, much harder.

I mean, I remember the first open source Windows worm: rxbot. And the first open source Windows/Linux worm: agobot. I happily contributed to them and modified the sources. It was easy as hell to hack a Windows box. But not anymore.

Generally, if you want to break a box, you need to use a buffer overflow exploit. You write crafted code to some ports on a machine, and boom, you're in. Not anymore. Not only are exploits getting patched really soon, but even if you discover a 0day exploit, you can't really use it. You need to bypass the firewall (ports aren't unprotected anymore), and you end up taking charge of an application running in user mode. So you need to bypass the UAC, which is pretty complicated.

I'm not saying it's undoable, but the security is very hardened and it will be very hard, and it will take thousands of manpower hours to do something which will work.

Reply Score: 3