Page 2 of 8 FirstFirst 1234 ... LastLast
Results 11 to 20 of 72

Thread: I've come to a conclusion on M$ security

  1. #11
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,323
    It was an ignorant post i weould presume, but most people know windows is well not even 80% safe.
    Are you sure it's Windows itself that's unsafe or the users/administrators that run it, misconfigure or don't configure it and don't pay attention to security issues? ([whine]"I don't have anything worthwhile stealing!!"[/whine])
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  2. #12
    Senior Member
    Join Date
    Apr 2004
    Posts
    1,024
    But once again, your not entirely correct. Windows only SEEMS to be unsafe because 90% of all computers in the world run some form of windows. Therefore it is attacked more often then any other OS to cause the most damage. I promise you that if linux was running on 90% of the worlds computers, people would be complaining about linux being insecure.
    It's not so much that it is on 90%, but that at least 80% of people using windows are dumb****s/homeusers/lusers/whatever you wish to call them. They aren't smart enough to configure a box, or have no want to. They just want it to "work" with no outside help... Imagine if people felt this way about their cars or some other necessity... Yikes...
    [H]ard|OCP <--Best hardware/gaming news out there--|
    pwned.nl <--Gamers will love this one --|
    Light a man a fire and you\'ll keep him warm for a day, Light a man ON fire and you\'ll keep him warm the rest of his life.

  3. #13
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,323
    Imagine if people felt this way about their cars or some other necessity... Yikes...
    Thing is, people do feel about cars, refrigerators, etc. like that. It is this "point and click, it will work" belief that rules our society. We are less interested in figuring out what goes on behind the scenes of "things" (systems) and more interested in getting our "just due". We see this in this environment as well. People want answers, not more questions and heaven forbid that you suggest they do "reseeeeeeeeeeaaaaaaaaaaaarrrrrrrrrrcccccchhhhh".
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  4. #14
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Ms. M: You also have to understand that this is a natural progression of society.... Used to be that you could build your house, live in your house, fix your house, grow your veggies, keep your animals that gave you milk and eggs etc. etc. etc. But as things become more complex then people are no longer able to manage all the knowledge required to manage their own life. Thus we "specialize". When we specialize we determine what is important and what isn't. Your car is important... It gets you to work.... I just, (2 hours ago), had a guy in to fix my washing machine... sucks... now I have to finish the laundry... ... But _my_ computer is fine as is my sweetie's.... because I am "specialized".... or "special"... depending on who you talk to.....

    If their computer gets them their email, albeit slowly, it's still quicker than writing a letter, sending it snail mail and getting the reply.... They don't care that much... It functions... sort of.... We will never convince the masses to pay attention..... Sure as hell won't get them to "research" anything past their map to the house the next party is at on MapQuest.

    Unfortunately, and I hate to say this..... We will have to end up with the dumbing down of the internet so that the "I don't care's" can d/l their music, pr0n and email..... It is where this will all end up.....
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  5. #15
    Junior Member
    Join Date
    Sep 2004
    Posts
    26
    msmittnes you wrote a great book on wargames, i read that a while back it was very inspiring. You are very intellegent!
    is this a dream

  6. #16
    Banned
    Join Date
    May 2003
    Posts
    1,004
    Wow... I can vividly remember the day when, if I were to defend Windows security I'd have gotten poorly flamed on all sides from Linux, misc UN*X, Solaris, Mac, Amiga, whatever, etc users.

    Good to see the change of pace.

    I would really love to see someone describe why they think NT sucks so much when it comes to security. I mean with real figures not "is well not even 80% safe", whatever the hell that is supposed to mean. Seriously, something that takes into account system capabilities, not merely a specific configuration. An argument that talks about conceptual exploit availability, not just statistically incomparable incident reporting.

    In the last nine years I have never been able to find such a document (save those comparing NT to high assurance, static specification, trusted operating systems or pipe dreams like EROS), yet I've seen heaps against UN*X and Linux, including documents put out by the good people of the NSA and its subordinate organization the NCSC.

    catch

  7. #17
    Antionline Herpetologist
    Join Date
    Aug 2001
    Posts
    1,165
    Wow... I can vividly remember the day when, if I were to defend Windows security I'd have gotten poorly flamed on all sides from Linux, misc UN*X, Solaris, Mac, Amiga, whatever, etc users.
    That's because Windows has improved. I feel very strongly that moving from the 9x to the NT code base for home users was the best thing Microsoft ever did. However, it would be nice if most services came disabled out of the box, giving Windows a fairly secure default configuration. And I also think that MS needs to sort out their service dependencies a little bit. Why the hell is the management console dependent on the Server service??? Similarly, why the hell does clipboard stuff have to be dependent on RPC. I think that if that kind of wierdness gets sorted out, we can have a really secure default Windows install.

    Cheers,
    cgkanchi
    Buy the Snakes of India book, support research and education (sorry the website has been discontinued)
    My blog: http://biology000.blogspot.com

  8. #18
    Senior Member gore's Avatar
    Join Date
    Oct 2002
    Location
    Michigan
    Posts
    7,177
    NT is cool but one thing about it is that Microsoft used to have a thing on their web page saying that NT should be rebooted at least once a month to deal with memory leaks. This is all fine for a home user, but not for a server.

    Windows 2000 was a great improvement on NT, and everyone has probably heard you can refer to it as NT 5 as it is called so in some of the parts of Windows 2000.

    Windows Server 2003 was another big improvement I think. I've used Windows Server 2003 Enterprise Edition, which I got free from Microsoft and I installed it on a PC, and started playing. One thing I noticed right away was a huge speed improvement over other versions. It's very fast.

    For security, Windows has a long way to go. What I don't like about Windows Server 2003 is that it has Windows Media Player by default. this is just weird. I'm not sure why a server OS would actually need it, and it's got a large list of security holes.

    I personally don't think Windows should be used as a server. I go into detail about this a little more in my OS paper that I've been working very hard on for a while now, and it's not Microsoft totally, but the fact that when you have as much market share as they do, well, you're going to be a target.

    Every Worm that made the news this year was for Windows.


    True these would never make the news if people would learn to patch, but they don't.

    I've said this a million times, and I'll probably still be saying it a year from now, if you want to make it even with Linux and BSD, then cut them down the middle, and do a Linux install that has nothing in it except what Windows comes with, which would be a VERY basic minimal install.

    Now, Windows comes with two text editors, a Media Player, a command line, a file browser, and a stolen Internet Browser which has become the epitome of security flaws. In Microsoft's defence, they never wrote IE, they took it and renamed it from another company.

    Now, install Linux with nothing but the things you get with Windows.

    You'll end up with the Kernel, and toss in mpg123 for the media player, links for a browser, Vi and Emacs, and Midnight Commander.

    Now, update that Linux install, and you'll see maybe two updates.

    Now try with Windows. Click on Windows update, and see if you can count the number of holes on this minimal install.

    When people say Linux has more security flaws than Windows, they are counting an install that has everything, and Linux comes with A LOT more than Windows does. The more software you install, the more likely you are to have to update something.

    Well, like I said, trim that down to what Windows comes with, and you'll see a lot less security holes.

    You'd think that the fact that most of the programs in Linux are open source and come with source code that they would have more holes because people can look at it and find holes, but still Windows is the leader here.


    The GUI I'm not even going to include, as that is a seperate program. X11 is not Linux, it's an application for UNIX based OSs so you can use a GUI, Linux itself is a Kernel, and you can use a bash shell to work with it. Same with Free BSD, it's a command line interface, not a GUI.

    This also in my eyes makes it better for a server, as you aren't wasting RAM on a pretty GUI for a box that is sitting in the closet of a company serving Web Pages or FTP. Who cares how pretty it is when it's in a closet and sometimes, without even a monitor attached to it?

    Viruses, Worms, security flawed Web Browser you HAVE to use for Windows update, unless you allow it to download them automatically, and then a new SP2 for XP which breaks a lot of applications. Even some Microsoft Applications won't work with XP SP2.

    This is not what I'd call a secure OS for server use. Not when you have IIS running which adds more to it. Not that Apache is completely secure, nothing is. But, like I said, a GUI on a server is like driving a Maclaren F1 but only using Reverse.

    I don't think Windows should be used for servers. Windows can be secured just like any other OS, and Open BSD can even be installed wrong, and be worse off than Windows. It comes down to who is using it, but Windows makes you work harder to keep a level of security that would allow it for use in a server.

    Not to mention:

    Every Windows security flaw found, first has to have the patch downloaded one at a time, then a reboot is needed for all security updates. This is really bad, I hate rebooting. I think they should find a way to avoid this. Some people will tell you that "Well you can just restart the services on the box and not need a reboot".... Yea, and your point? Doing that makes the thing unstable as hell, and you'll end up rebooting anyway.


    I can understand a Kernel Reboot, but for a Web Browser? When was the last time you rebooted Free BSD or Linux because you had to update links? Never.

    With Linux, you only reboot when it's a Kernel update. Apache can be updated without the machine rebooting, I mean come on, who doesn't know apachectl stop *Update Apache* apachectl start.

    Just my opinion, but Windows as a secure server platform is a fairytail unless you're REALLY good. And you still have reboots.

    Somewhat on topic, and should make a decent chat on here.

  9. #19
    Junior Member
    Join Date
    Oct 2004
    Posts
    14
    i suck at math too :P (but i sure like languages).

    but microsoft certainly doesnt suck at math. and in statistics they don't as well. i think they have a huge balancing job to do. system has to be easy to handle, then again needs enough functionality to satisfy advanced users. system has to be secure, but needs to support a wide variety of features and gadgets to be attractive. and so on...

    simplicity and complexity, security and openness are all high ideals, none can be reached in perfection. so it's a balancing job. if you want to sell your system even to people who didnt know before that they needed one, you have to convince them. the user should feel safe and comfortable, yet be able to do neat things.

    the user, no matter if private or corporate, has a piece of responsibility too. if his income or future depends on some kind of data, he has to see to it that this specific data is secure. that is possible, user has to do his part of the balancing job too. airlines need to fix their planes right do they. and they dont fly around in submarines.

  10. #20
    ********** |ceWriterguy
    Join Date
    Aug 2004
    Posts
    1,608
    Catch - Not having such figures immediately accessible, I can tell you in one sentence why I think Windows whateverversion is unsafe.

    **Everyone has it, knows it, and there's a ton of software out there to hurt or hack it.**

    /me shrugs and returns to his gaming, not worring if someone sees his pron collection or not.
    Even a broken watch is correct twice a day.

    Which coder said that nobody could outcode Microsoft in their own OS? Write a bit and make a fortune!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •