IE ripe for attack, despite Microsoft claims
Zuntar
North Carolina Icrontian
Windows Vista may be "dramatically more secure" than Windows XP but Internet Explorer is destined to remain Windows' Achilles' heel.
Attacks on browsers will continue their inexorable ascent during the next 12 months, despite changes designed to lock out hackers and thwart remote attacks.
More here!
0
Comments
Many say firefox and linux is way more secure because they use a different programming code that is more secure and better.Well keep in mind most of the problem is the users are not up to date on all the patches and such and get malware .
From what people tell me most hackers will try to find ways in the programming code and most malware get in that way.You go to a web site and get malware and you don't have to click on any thing or run any thing it just comes to you by the programming code.
Another sad reality is that Windows is still based on the Dos model and is an extremely old architecture to model an OS on.
Well Microsoft should have bean working on a new programming code for Windows vista but Windows vista was more of a upgrade to windows xp with new features than a new programming code.There where rumors that Windows vista was going to use new programming code but this not true.
And well even having AVG and zone-alarm running people still get malware and they may not know how they got it .
Well this malware comes in the weak programming code Microsoft likes to use.
It's not nearly as simple as that. Vista is a huge overhall of their OS. It's more a change from XP then XP was from win2000. There is no such thing as a secure OS in terms of a modern operating system. It's easy to blame the OS for flaws and windows has some major holes in it. Vista from what I've seen has been made significantly more secure. But the only real way to reduce the effects that viruses and other malware effect people is to educate users.
OS X and Linux are more secure then previous versions of windows and still probably more so then Vista. However a stupid user can still end up with an infected crippled system.
So what did they change the file system?
I thought mac and Linux are more secure ?
So how does malware come in than?
Windows 98 to 2k is a big change entirely different OS from the way it's built. 98 is a gui built over dos. NT, 2k and XP are all fairly similar in that they weren't built up from dos but were rebuilt from the kernel level. Vista is also a new model. It's not a huge revolution in the way the user makes the system work. But they way they've changed the security model in it and have started to separate the user layer from the protected administrator layer is a significant change for the Windows OS. The GUI itself now is actually putting graphics cards to use and using them to render the desktop instead of relying on the GPU like Previous versions of windows. They've also rebuilt the networking layer finally.
They are more secure because they have long ago seperated the user layer from the administrative layer. But malware can still come in if you are being dumb. If you open a picture and suddenly something wants to install on your system a smart user should know that it's not supposed to do that. However a dumb user may just merrily click along, entering the requested passwords and obliviously installing software. It's similar to a phishing email scam. The email itself isn't a virus but if you click their links and give them your banking or whatever info - your still screwed.
Well what you talking about is having a administrative account and than have a user account that is not allowed to make setting changes or run or download from the interent.And not allowed to add new hardware or software.
But I would still think most malware will find ways in the bad programming code Microsoft uses.
You don't have to click on any thing to get malware as most malware will come in though the windows exploits.The problem with windows 98 is programs run or get download with out user permission or registry changes.
If windows 98 was more secure they would ask you for all setting changes and filter out files being run or download from the internet other than text and graphics.And ask you for permission not programs doing its own thing.
Well most malware come from porn sites or sites to download free music or free games .Also free movies and other free stuff.But there is still malware from other sites and there also worms that go by e-mail address or IP address.Also some message boards have malware or MSN or yahoo groups.
I have seen people get malware just going to a website where it just comes to you with out asking you anything or it is running a program or downloading things with out asking you.The problem with Microsoft is it finds ways in with out your permission or you may not even know it came it.
Having layers of security is about making good code. Windows in the past has never had layers of security. That's a huge problem. Vista now has layered security and core systems that run isolated from the rest of the programs. This is good code. The primary entrance point of any malware program is through the user.
Windows 98 sucks. It had one security layer every running program had access to the core functions and nothing was secure from anything else. Win98 is dead. Move on. Now look at an XP system. I can make a system secure to attack. I can do this without installing any anti-virus or anti-spyware software. It's pretty easy to do just through setting up policies and creating a user mode and an admin mode. The problem is that people for home use don't like this They don't like having to log out of user mode into admin mode install some program or activeX control then going back into user mode etc...
The security is there in WinXP but it's terribly implemented. Vista has gone about correcting this by modeling itself after Linux and OS X in the way that they have made their security layers. Everything runs in a protected mode and if you want to do something that requires administrative mode it prompts you. You give it the admin auth it does it's thing and you are back in user mode. It's more or less seamless.
However a user can still say - yeah ok run this and your security is broken. Regardless of how secure your code is a user is always going to be the weakest link.
This is only true if you have your system setup to run all unsigned code without at least a prompt. Or if you click ok on every pop up that scrolls by. The fact is that these are all exploits that do rely on the user to make them. If I set a gun in front of you and you picked it up and shot yourself it's not the guns fault.
That being said previous versions of Windows were made to be extremely easy for a user to use. That was a bad design choice. All the features to prevent these things from happening are there even back in windows 98 the problem is that they were all disabled by default and it took knowledgeable people to turn on all the right features to secure it. XP was the first Windows system to by default have these features on and Vista has taken the next leap by making it even more secure from user negligence.
Well the core system files should be different than basic programs and any change or any thing to the core systems files windows should ask you.
Do you have some good web sites that talk about the one security layer like windows 98 and more than one security layer like windows xp?
What is bad about activeX ?
I don't know about windows 2000 or XP but I was talking about windows 98 that you can go to a web site and get malware and don't have to click on any thing just going to a web site I have seen it happen.
This is other problem is pop ups I have seen people click on the close box of the pop up than they get malware or it takes them to other web site.Some web sites that are bad will redirect you to other site or you get many pop ups and web sites coming up and you don't have click on any thing.
Think of an OS like an Onion. With each pealing being a layer. The outer Layers are easy to use aren't really the core of the onion. The more layers you peel back the closer you get to the core and the more impact doing something on that layer has.
Good article on a modular OS build.
Good Article Good artcile on How OS X is all put together.
Good Article on how Vista went about breaking up User/Admin rights.