see, i just dont buy that. it does look like the "study" was funded by ms as the article was written on windows IT pro dot com or whatever. i dunno, i mean, i know that there have been a few bugs here and there with the various linux OS's, but come on. it seems like you hear about windows flaws almost daily.
but the reason why you hear about MS is because everyone uses it or 90% of ppl do also MS makes alot of money,who can forget little Monoply lawsuits they had to deal with, ppl will never forget that.
no, the reason you hear about it is because there are a ton of bloody loopholes in the windows OS. Read the changelog for Service Pack 2 - you'll be amazed how many things are in there. "Fixed an overflow bug in notepad that would allow someone to gain full local access to the system."
That artical isn't painting the whole picture it's talking about attacks. It's also not differnetiating between home and business users in where the number are coming from. An attack can be as simple as hacking a password in which case it's not the OS fault it's a user fault. If you have linux up and logged in as root with a shity password ports open remote desktop open etc...etc.. sure you are vulnerable, and once in you can do alot of damage.
However the majority of internet problems are from virus and exploits right now in which case M$ is the majority of all of them linux and macs essentially are virus free and exploit free when set up propperly. M$ on the other hand I just did a clean install of XP and there were 80 security updates. That's not including SP2.
Whatever that artical is trying to say they are out of their minds if they are seriously propossing that Windows is a more secure and safer networking enviroment.
I generally agree. You could easily have a windows box tight as a vault door and a linux box hanging wide open if you knew or didn't know what you were doing.
The key being that you aren't going to get a browser exploit that allows entry into Linux. Where as no matter how secure your winbox is if you click on a link and it opens up a new yet unknown exploit in IE then you've got a problem.
So the logical choice is don't use IE. Which WE would probably all agree is part of locking down windows. But if the argument is that Windows is more secure then Linux I think Windows should be based on it's own as close to stock as possible.
Linux you can set up right out of the box and run and it's pretty much completely secure (assuming you aren't logged in and running as route all the time).
Windows you set up and install out of the box and well it's a huge gapping whole so you have to put in 80 security patches and two service packs and it's still insecure so you have to put on spy/pop up blockers run adaware to get rid of M$ Amanda account and kill the messanger service. Oh but you aren't done yet you should be installing anti-virus software because well you have to have it on windows.
Then you are about 90% secure next things you should do are switch from IE to FireFox -any non IE browser will do though. You are now 95% secure. So next thing is to go through and kill any useless services that run on default but are completely useless. Which gets you 99% secure the last thing to do (which only applies to a network) is to go through and create a whole bunch of policies that won't allow anything that you've just implemented to get un-implemented by some new exploit or an idiot user.
Amen Brotha! Preach it Raffi! Windows flaws are only as bad as the stupidness of the person using it
well its true, ive seen Linux servers get hacked because apache/ssh wasnt up to date, you have to patch your server/services, not matter what OS your running.
I cant use Linux and I'm far too lazy to read up on how to but maybe one day I will.
What I will say though, if I were to install Linux now and have a play around as I have done a few times in the past my computer would be less secure than my windows install. This is nothing to do with the operating system, it just means I know how to use windows so have a better idea on what I have to do to keep it running safely.
Its only more modern linux distros that are MUCH easier to install that has meant complete newbies like myself have any chance of learning what Linux is like. Some would argue that untill I compile a kernal and all of that other stuff then I wont have a clue what the OS is like and thats probably true.
All those users who dont know what they are doing can only be a bad thing. You only have to use a less tech savy friends PC to see how bad things can get.
That's not true. Any modern linux distro that installed is more secure then Windows for a few key reasons. First you aren't running IE for your browser. Email viruses won't effect you at all. The stock firewall is more effective and at the same time far less annoying then the Windows one. It actually works like a real firewall in the same maner that a router does and just sits there blocking ports. It doesn't work in the windows fashion with annoying constant pop-ups wanting to know if this that or the other is safe.
Unless you are a completely ignorant person and ignore every single warning message that pops up during the install you aren't running with administrative rights. Unlike in windows unless you go out of your way you are always logged in with administrator rights.
Lastly if worse comes to worse and a user completely screws up his system well just delete his user account. Unless you are running as root nothing a user can do will effect the actual system.
ok, out of the box, windows installs the default user as administrator. every dell, hp, and gateway machine main user (and usually only) is the administrator. out of the box
linux SPECIFICALLY AND BY DESIGN does not use the root account and so it therefore bypasses the most serious flaw in windows: the fact that most people are using their admin account and dont even know it. linux would never ever have the root account as easily accessible. and that also, is out of the box
that said right there, until that one feature is changed, windows will ALWAYS be less secure.
also, to those who know, did you guys realize that windows installs have an "etc" directory. i think that says something very important about microsoft's "closed source" . . .
didn't I just say that in the previous message Less rambly but I did say it
As for the etc... windows>system32>drivers>etc it hold no purpose accept for networking as it holds the best file for protecting yourself from the internet inside of it. It has the hosts file. That file is great wanna stop pop-ups and common internet annoyances just edit the hell out of that file. There are some good links on the net(to lazy to search now) that have some excellent edited hosts files that'll stop a vast majority of common inet problems. WHen it comes to pop-ups and browser hijacks.
Zuntar
North Carolina Icrontian
Comments
yeah, i just dont buy it. and thats it.
However the majority of internet problems are from virus and exploits right now in which case M$ is the majority of all of them linux and macs essentially are virus free and exploit free when set up propperly. M$ on the other hand I just did a clean install of XP and there were 80 security updates. That's not including SP2.
Whatever that artical is trying to say they are out of their minds if they are seriously propossing that Windows is a more secure and safer networking enviroment.
what i believe is, an OS is only as safe as the person configuring/installing it.
i personaly know MS products and know how to secure them, same as how a linux guru would know how to secure his own.
my 2 cents
So the logical choice is don't use IE. Which WE would probably all agree is part of locking down windows. But if the argument is that Windows is more secure then Linux I think Windows should be based on it's own as close to stock as possible.
Linux you can set up right out of the box and run and it's pretty much completely secure (assuming you aren't logged in and running as route all the time).
Windows you set up and install out of the box and well it's a huge gapping whole so you have to put in 80 security patches and two service packs and it's still insecure so you have to put on spy/pop up blockers run adaware to get rid of M$ Amanda account and kill the messanger service. Oh but you aren't done yet you should be installing anti-virus software because well you have to have it on windows.
Then you are about 90% secure next things you should do are switch from IE to FireFox -any non IE browser will do though. You are now 95% secure. So next thing is to go through and kill any useless services that run on default but are completely useless. Which gets you 99% secure the last thing to do (which only applies to a network) is to go through and create a whole bunch of policies that won't allow anything that you've just implemented to get un-implemented by some new exploit or an idiot user.
No way windows is more secure.
Amen Brotha! Preach it Raffi! Windows flaws are only as bad as the stupidness of the person using it
well its true, ive seen Linux servers get hacked because apache/ssh wasnt up to date, you have to patch your server/services, not matter what OS your running.
If your an incompetent linux admin, the OS itself can't save you.
Pick the best tool for the job, or the one you can use the best.
What I will say though, if I were to install Linux now and have a play around as I have done a few times in the past my computer would be less secure than my windows install. This is nothing to do with the operating system, it just means I know how to use windows so have a better idea on what I have to do to keep it running safely.
Its only more modern linux distros that are MUCH easier to install that has meant complete newbies like myself have any chance of learning what Linux is like. Some would argue that untill I compile a kernal and all of that other stuff then I wont have a clue what the OS is like and thats probably true.
All those users who dont know what they are doing can only be a bad thing. You only have to use a less tech savy friends PC to see how bad things can get.
Unless you are a completely ignorant person and ignore every single warning message that pops up during the install you aren't running with administrative rights. Unlike in windows unless you go out of your way you are always logged in with administrator rights.
Lastly if worse comes to worse and a user completely screws up his system well just delete his user account. Unless you are running as root nothing a user can do will effect the actual system.
linux SPECIFICALLY AND BY DESIGN does not use the root account and so it therefore bypasses the most serious flaw in windows: the fact that most people are using their admin account and dont even know it. linux would never ever have the root account as easily accessible. and that also, is out of the box
that said right there, until that one feature is changed, windows will ALWAYS be less secure.
also, to those who know, did you guys realize that windows installs have an "etc" directory. i think that says something very important about microsoft's "closed source" . . .
As for the etc... windows>system32>drivers>etc it hold no purpose accept for networking as it holds the best file for protecting yourself from the internet inside of it. It has the hosts file. That file is great wanna stop pop-ups and common internet annoyances just edit the hell out of that file. There are some good links on the net(to lazy to search now) that have some excellent edited hosts files that'll stop a vast majority of common inet problems. WHen it comes to pop-ups and browser hijacks.