is windows insecure by default?

[littlenick]

it must have been discussed before i am not posting this here to make anather " linux is better(secure)as compared to windows" thread we all know that and we all agree to that although microsoft responds to security vulnerabilities pretty fast but still i believe windows is insecure by default.
take a look at these two links
http://zone-h.org/en/advisories/read/id=6392/
http://www.packetstormsecurity.nl/fi...rflow.pdf.html

one microsoft product having medium level security vulnerability and anather windows based player having buffer overflow.
although second is not microsoft related bug but still i am posting it here.
what i was thinking while reading these two post is "what microsoft can do to make windows better in terms of security?"
if they make windows an open source OS would it make any difference to softwares like winamp to not make these stupid mistakes( i think this is third exploit in a short time fow winamp)

again the first vulnerability in IE confirms that microsoft needs major changes if they want to be anywhere close to linux.may be they have to design a new OS right from the beginning.

if u still have any doubt or if u don't agree a little bit see this)
http://www.packetstormsecurity.nl/fi...ched.html.html

[Spyder32]

Technically, yes it is.. However (and IMO) that kinda question is somewhat ignorant, no? Sorry, just the way it sounds is a tad ignorant IMO.

[jinxy]

i think this is third exploit in a short time fow winamp)

WinAmp is now owned by AOL. In the true sence of the word 0wNeD....................Is there a coincidence, or is the fact that Nulsoft has lost there indipendence got something to do with it?

[MrLinus]

it must have been discussed before i am not posting this here to make anather " linux is better(secure)as compared to windows" thread we all know that and we all agree to that although microsoft responds to security vulnerabilities pretty fast but still i believe windows is insecure by default.

Actually Linux is neither more secure than Windows by default. (ever looked as to what is open and closed for a default linux install?). Both can be locked down well by the administrator after the fact and both are dependent on having a decent administrator (this varies by degrees with which linux distro you use). That said, however, I have strong suspicions about MS's lifecycle controls and that they still seem to miss out on the testing portion. I suspect that they aren't going beyond the box (that is, intended input/output) to do testing.

Now, Winamp isn't MS's responsibility or fault. That's those coders responsibility/fault. It'd be like saying that exploits that expose Apache are the fault of Red Hat or SUSE. So that should be considered a separate issue.

what i was thinking while reading these two post is "what microsoft can do to make windows better in terms of security?"
if they make windows an open source OS would it make any difference to softwares like winamp to not make these stupid mistakes( i think this is third exploit in a short time fow winamp)

Maybe, maybe not. Putting it open source however won't be something that will happen.

again the first vulnerability in IE confirms that microsoft needs major changes if they want to be anywhere close to linux.may be they have to design a new OS right from the beginning.

No, they don't need to design the OS over again. They do need however to redesign IE. They did it for IIS. IIS 6 has had huge improvements and I don't think I've seen a single exploit for this version as of yet (I know it's relatively new but still... ). On this same line, KDE needs to deal with KDE's Konqueror (type Konqueror and then hit Submit. You can do comparisons with Mozilla, Netscape, FireFox, Opera, etc. IE probably has the highest in a short period but many are close -- Konqueror just had a new one announced on FD either today or yesterday IIRC)

if u still have any doubt or if u don't agree a little bit see this)
http://www.packetstormsecurity.nl/f...tched.html.html

That's just the same exploit as the first one above, just described differently. You said this wasn't a "linux is better than Windows" but it sounds like it. If you don't like Windows, don't use it. If you like Windows, then learn to secure it. The same can be said in reverse for Linux.

[nihil]

i believe windows is insecure by default.

You are absolutely correct young man!

I have a Norton AV disk.............5.25" ( ) that claims to detect "ALL 726 known computer viruses" ( yes, seven hundred and twenty six)

Security was not an issue when I started in the game NO OSes were secure........

What we really need is a good World War to get these skiddies walking in minefields?..............the draft..........no (S)kiddies rights............they are beaten into them by a master sergeant?

And I would go after the parents (terminate them to protect the human gene pool?) if they supply a computer to one of these slime balls, they might as well have supplied a .45 auto, for all the responsibility they have shown?

But I was always a reasonable man?

[el-half]

What we really need is a good World War to get these skiddies walking in minefields?..............the draft..........no (S)kiddies rights............they are beaten into them by a master sergeant?

The removal of skiddies would result in the degeneration of my intellectual superiority feeling because it would take away many idiots, so I vote against.

[rcgreen]

Windows has evolved from a time when security was not an issue
for PCs. Not that long ago, the PC wasn't powerful enough to be a
server, so its single-user OS was wide open and simple. Servers
ran on special hardware. Now, there's been so much progress that
we're barely able to catch our breath.

Windows NT was designed for business and school LANs, not to be an
internet server. Features have been grafted on, without removing old ones.
A lot of famous vulnerabilities are related to misconfiguring those LAN
protocols so you wind up inadvertently sharing your folders on the net.

They are redesigning Windows, or writing an all new OS with security in mind
but you may not like it when you discover just how secure it
will be against you trying to play MP3s, pirated movies, or software
not approved by M'soft.

[SDK]

Any OS can be secure or completely unsecured; it's only a matter of how the administrator manage is server.

[The Grunt]

All OS's are insecure or unusable by defualt... I thought this was a fairly obvious observation? You put an unpatched Win XP box on the net, you leave it overnight, it's owned. You throw an unpatched RH box on the net, you leave it overnight, it's owned...

[Cope57]

Originally posted here by nihil
I have a Norton AV disk.............5.25" ( ) that claims to detect "ALL 726 known computer viruses" ( yes, seven hundred and twenty six)

Isn't there more than 100,000?
Or is that 726 'active' viruses?