Linked by Thom Holwerda on Mon 2nd Apr 2007 21:05 UTC, submitted by Dale Smoker
Windows Microsoft has decided to rush out a fix for a flaw in Windows, saying that the problem has become too serious to ignore. The flaw, which will be patched on Tuesday, was originally disclosed to Microsoft in December, but it was not publicly reported until last week. The bug lies in the way Windows processes .ani Animated Cursor files, which are used to create cartoon-like cursors in Windows.
Thread beginning with comment 226749
To view parent comment, click here.
To read all comments associated with this story, please click here.
lemur2
Member since:
2007-02-17

{ Say, for example, if i was to compare the security of my house to Buckingham Palace. There's been far fewer attacks on my house than Buckingham Palace yet does that make my house more secure? Nope - it just means that Buckingham Palace is a bigger target. }

There are more black hats attacking Windows, more systems running Windows for people to attack, more vulnerable point in Windows to attack, and far, far more "tools" to use in attacks (eg existing viruses and other malware to modify to get past virus checkers) against Windows than is the case for either Mac or Linux.

Windows has: more attacks against it, more ways to be attacked, more points of weakness to attack, more people attacking it, and it presents a more attractive target to attack.

So, using which OS are you likely to be less secure?

Reply Parent Score: 2

Laurence Member since:
2007-03-26

Windows has: more attacks against it, more ways to be attacked, more points of weakness to attack, more people attacking it, and it presents a more attractive target to attack.


Actually that's not technically true. If 'hackers' wanted to turn their attention to OSX then they could and I'm sure they would with great success (remember the guy who found a hole in OSX everyday for a month?)

Granted Windows code isn't always that secure, but then theres been loads (and I mean /LOADS/) of vulnerabilities found in OSX as well.

So as I said before, just because Windows is a bigger target, that doesn't make it less secure, it just makes it an obvious target. Saying OSX is secure because it's not an obvious target is no different to saying my house is safer than Buckingham Palace (with it's dedicated guards et al)

I just wish people would learn the distinction between 'whats the biggest target' and 'whats the most secure' because the two don't have to mean the same thing.

Reply Parent Score: 2

lemur2 Member since:
2007-02-17

{So as I said before, just because Windows is a bigger target, that doesn't make it less secure, it just makes it an obvious target. }

I agree with that. Windows isn't less secure just because it is the bigger target, but rather the other way around. Windows is the bigger target because it is less secure.

{The reason I ask is because I bet if Ubuntu was used as commonly as Windows is now and Windows was the new comer, Ubuntu systems would be going down left right and centre because of the technically inept downloading "i love you" shell scripts.}

I very much doubt it. Windows security model is akin to ... "it is OK to run if it has an .exe extension".

Windows security model is after all set on a design path a la Windows 95 ... a single-user, non-networked OS, wherefrom the Win32 API was generated.

In Outlook, rather than fix the fundamentally broken security in Windows, whereby attachments on e-mails could just run without being given permissions, Outlook just effectively banned attachments.

After all, it is in a certain large software vendor's best interest if it can just run code on YOUR system without you giving your permission ...

Edited 2007-04-03 02:56

Reply Parent Score: 1

Laurence Member since:
2007-03-26

There are more black hats attacking Windows, more systems running Windows for people to attack, more vulnerable point in Windows to attack, and far, far more "tools" to use in attacks (eg existing viruses and other malware to modify to get past virus checkers) against Windows than is the case for either Mac or Linux.


Also just to add:

Would you say the security of an OS was determind by the lowest IQ user or by the average learned user?

The reason I ask is because I bet if Ubuntu was used as commonly as Windows is now and Windows was the new comer, Ubuntu systems would be going down left right and centre because of the technically inept downloading "i love you" shell scripts.

Windows biggest problem is that it caters for the stupid so there for half the successful attacks on Windows are down to the users stupidety. Why doesn't this happy on Linux or OSX now? because the average user isn't that stupid. If they know what Linux or OSX are and specifically chosen that system for what it offers then that, in itself, requires a higher level of technical experience than your average Packard Bell customer (who basically buys their system for porn, word and excel) would care to learn.

I hate coming to Windows rescue in these forums because personally i'm not massively fond of Windows myself, but I think some of the comments made on here are as ignorant towards Windows as Windows fanboys are to OSX.

Reply Parent Score: 1

larwilliams Member since:
2007-04-03

Hey!

We Linux fans love porn too.. just more into the ASCII variety ;)

Reply Parent Score: 2

raver31 Member since:
2005-07-06

Windows biggest problem is that it caters for the stupid so there for half the successful attacks on Windows are down to the users stupidety. Why doesn't this happy on Linux or OSX now? because the average user isn't that stupid. If they know what Linux or OSX are and specifically chosen that system for what it offers then that, in itself, requires a higher level of technical experience than your average Packard Bell customer (who basically buys their system for porn, word and excel) would care to learn.


I take it from that statement you have no idea of the way the *nix security model actually works ?

I can set up a linux pc for joe user, let him browse porn/warez sites to he has had his fill, let him click on everything that pops up.... and his machine will still work.

Windows problems are not caused mostly by the user, but by very bad design.

Reply Parent Score: 3