Linked by Thom Holwerda on Tue 10th Nov 2009 09:31 UTC
Windows Last week, security vendor Sophos published a blog post in which it said that Windows 7 was vulnerable to 8 our of 10 of the most common viruses. Microsoft has responded to these test results, which are a classic case of "scare 'm and they'll fall in line".
Thread beginning with comment 393774
To view parent comment, click here.
To read all comments associated with this story, please click here.
kragil
Member since:
2006-01-04

No, default install is just a lot more insecure than Vista. You have to manually set UAC to always prompt otherwise it is easy to circumvent.

Reply Parent Score: 6

bsdfreak Member since:
2009-10-22

ok i didnt know that, i dont use windows at all. i've only tried win7 for a few weeks. But i wasnt really satified to use it as my default os.

Reply Parent Score: 1

Thom_Holwerda Member since:
2005-06-29

This isn't entirely true. UAC is less secure, definitely - however, the operating system itself also has other new security features. In other words, calling the entire OS less secure is a bit premature.

Doesn't negate the fact the changes in UAC are braindead.

Reply Parent Score: 1

kragil Member since:
2006-01-04

Well at the end of the day security is account separation, which is effectively dead is the new "streamlined UAC".
Compared to that other enhancement I read on http://technet.microsoft.com/en-us/library/dd560691.aspx are just minor tweaks or meaningless to consumers, so IMO at least the default install(not the whole OS) is less secure. But defaults matter bigtime when you 94% market share.

Reply Parent Score: 2

kaiwai Member since:
2005-07-06

No, default install is just a lot more insecure than Vista. You have to manually set UAC to always prompt otherwise it is easy to circumvent.


And the whole UAC could be avoided if Microsoft refused to support poorly written applications and bundled Windows XP Virtual Machine with every copy of Windows 7. If they did that then the whole malarkey with UAC would be a non-issue. It is end users complaining about their 20 year old application to work perfectly with the latest version of Windows and the vendors who refuse to update their software knowing full well that Microsoft will never force them to make their software run properly in a limited privileged environment.

Each layer of backwards compatibility adding more complexity and possible area that criminals can target. Microsoft could sort it out tomorrow, like I said. They could move backwards compatibility into virtualised Windows XP sessions and hold back Windows certifications from software vendors who refuse to get their software up to standards - the cold hard reality is that when push comes to shove and the difficult decisions need to be made - they crumple.

Edited 2009-11-10 12:05 UTC

Reply Parent Score: 4

Thom_Holwerda Member since:
2005-06-29

Microsoft could sort it out tomorrow, like I said.


As much as I want to believe you, we don't know if it's that simple. We talk about backwards compatibility as if it's a simple package that comes with an InstallShield uninstaller, but in reality we have no idea how entrenched "backwards compatibility" is into the operating system.

and hold back Windows certifications from software vendors who refuse to get their software up to standards - the cold hard reality is that when push comes to shove and the difficult decisions need to be made - they crumple.


They've just been fined massively, and forced to change their operating system for something as mundane as including a browser or a media player - how do you think the DOJ and Kroes would respond if Microsoft did something like that?

I'm sure just about every engineer inside Microsoft wants to do just that, but this isn't Apple we're talking about - it's Microsoft. They are treated differently because of their market position, and can't just do the kind of cut-throat code cutting Apple can do.

Reply Parent Score: 2