Hi there just something I read last night and thought interesting for anyone wonder same things.

Just copied and pasted it from what I read:


Microsoft apparently sat on a serious Windows OS vulnerability for six months before announcing the availability of a fix today. One analysts calls the latest exploit one of the "most serious Microsoft vulnerabilities ever released". "The breadth of systems affected is probably the largest ever," says Marc Maiffret of eEye Digital Security, the firm that first discovered the vulnerabilities. "This is something that will let you get into Internet servers, internal networks, pretty much any system."

The Microsoft advisory warns that a ASN.1 (abstract syntax notation) vulnerability could allow remote code execution on versions of the company's XP/NT/2000 operating systems. While there are no documented cases of attacks yet, security experts expect hackers to take advantage of the vulnerabilities in a matter of weeks or less. They also warn that the exploit's severity (and the potential in some cases for attackers to bypass firewalls) could make worms like Nimda and Code Red look like heavily sedated kittens compared to what's coming.

Maiffret tells the Associated Press the 6 month delay after the group notified Microsoft was "just totally unacceptable" because Windows users were left vulnerable. Microsoft security executive Stephen Toulouse says the company "took the steps to make sure our investigation was as broad and deep as possible." The patch is available via Windows Update. The exploit may bring renewed debate over whether or not making Windows Update an automatic feature is a good idea.

Cya...

Tony

That's old news, windows will always have issues with security.

Yes, and too many people fail to take the vulnerabilities seriously, and that is why things like the Blaster worm are still running rampant.

Originally posted by Invictus
Yes, and too many people fail to take the vulnerabilities seriously, and that is why things like the Blaster worm are still running rampant.

when more people get charged for their computers being used in ddos attacks and repositories for illegal files maybe people will think twice.

"maybe people will think twice"

Yeah and get Linux! :D

I am learning now and my boyfriend is totally been into it for years and recently did his courses for it (Work related so the job paid for the certifications! that was nice! :D) and so far I find it amazingly more "usable" if that makes sense, and far superior to windows in so many aspects I can't even list them all here.

Marisa

Linux has it's own issues, though it's a sight more secure then windows.

Well considering some of the largest companies in the world are switching to linux, including a very large company my boyfriend works for, it has far less issues than windows for them and their uses at least. I am sure the benefits are different for a small business, or home user. Windows is a horrid product in comparison just from the basics I have seen so far.

Marisa

The problem with Microsoft is that they have a strict testing schedule for all software, including fixes for exploits. They just try to keep it quiet as long as possible and hope it doesn't spread too quickly once it's announced on the CERT list.

A lot of people will swear by Linux for security, but unless you know your way around the distro you use you're no better off than you would be using windows. Sometimes worse, because there is that false sense of security. Best configuration is to set your firewall to paranoid to start with and then unlock ports as you need them :)

Personally I like macs for their security, by default services are turned off and have to be manually turned on. This doesn't mean they are bullet proof and perfect for everyone, but it does make them more secure then windows (and sometimes linux) counterparts. If only OSX ran on my thinkpad.

Which ever os you use, there are always goods and cons.
Windows is crappy in my opinion, but yet, it's everywhere and compatible with almost everything.
Linux isn't as popular and you can have lot's of problems configuring things on it. It's more personalisable than windows and is widly used to hack but can as easaly be hacked as windows.
Knoppix (a GNU/Linux distribution that boots and runs from a cd) is an other option I really like to have 2 os on the same system at a time. I use it more and more and will never go back to only one os.

Mac... well mac is a mac, you like it or hate it. I don't like it, never will, and it isn't as secure as people think it to be. It is very good for graphic designs and is widly used in marketting technologies.

The problem with people is they tend to get caught up in many many goof and crappy add on programs that will supposively protect and all. If I had it my way, every internet connection would have a physical firewall on it and an integrated anti-virus to go with it. Would slow down the virus spreading.

If I could afford a Mac, I'd have one for sure. But, I'm a graphic designer, so of course I love Macs. :D In the mean time, until Adobe and Macromedia products are available on Linux, I'm stuck with Microsloth WinBlows.

Siretsap - I can tell you're not a hardcore geek if you think that a Mac is not as secure as people think. The new MacOS is based on BSD Unix - known as the Fort Knox of operating systems. If you know someone who can hack BSD, please introduce me to them so I can call them a liar right to their face.

Also, saying Linux is as easy to hack as Windows is absolutely silly. Why is it that there are only a FEW known viruses for Linux?

Invictus....if you are ever interested in using Linux but are not because of Adobe check into http://www.gimp.org/

Mind you obviously Adobe rocks but I couldn't BELIEVE how amazing GIMP is. It does almost everything Adobe does. But on Linux. :D Check it out sometime.

Marisa

Viruses and root exploits are two different things.

If you give a typical consumer a windows CD and a Linux CD and have them install both, neither system will be secure. An OS is only as strong as it's weakest link, and that is always the user. There are regular root exploits of linux announced on CERT and other security lists. All the user needs to do is keep on top of the hotfixes and updates. The average user won't.


OpenBSD is our office firewall. One root exploit in 10 years in the out-of-the box release is a hell of a good record. :)

We got a new dual-G5 at work today for development. It's a sweet machine. If Macs weren't so overpriced I'd get one. The stability of a BSD based OS, combined with the Apple's interface design isn't a bad thing. Although my intense love of gutting my hardware regularly to upgrade or tweak would have to find a new outlet :)

Agreed, Marissa. GIMP came strongly recommended to me through a cousin of mine, who is a graphic designer / software producer.

Yeah and the best part about it is, it's free! :D

Marisa

I have used what I think is a relatively new version of GIMP (I tested it out about 6 months ago at work), and though I was impressed by how far it has come, I'm afraid it is leaps and bounds behind photoshop. I'm not a loyalist at all - in fact, I still think that OS/2 was WAAAAAY better than Windows, but it didn't have the support Microsoft had. I think Windows sucks in every way, but I stick with Adobe and Macromedia products simply because they are the best.

Another OS/2 geek!

Hehe, OS/2 rocked. If they had incorporated a boot mode that supported games better it might have caught on in the general public. Some banks still use it.

Gimp is a good tool, but like most linux tools it's designed by programmers as opposed to interface designers :) It's very hard to leave photoshop once you get familiar with the tools and hotkeys. It becomes second nature. Gimp and PSP need to keep working to get to that ease-of-use.

Invictus, macs aren't as expensive as you think I did two comparisons between two similarly configured mac and dell laptops, a low end and high end comparison. in the low end the dell beat out the mac by about $200 (1500$ for the dell compared to $1700 for the mac), where the higher end mac beat out the dell by a similar margin ($2300 compared to $2500). I didn't compare desktops as I wouldn't buy one.

now when comparing PC's and Macs you have to remember that macs run with RISC processors and you can't compare MHz directly. Mac programs also tend to be way smaller then their windows counterparts as well so you don't need as much harddrive space. And now that Macs have OSX you not only have all the previous Mac software but you get unix software as well (most stuff that runs on BSD will run on Mac OSX if you can compile it). Now macs aren't perfect, but they're pretty nice.

You can pick one up used on ebay for a fair price too.

When shopping for laptops I would avoid Dell like the plague. They've got a bad rep for overheating.

My coworker has the 15" inch screen powerbook, and it's a beauty. It had bad solder joints though so it's out for servicing now :(

I only compared it to dell because they're pretty cheap, for wintel notebooks my first choice is ibm thinkpads. if i couldn't have a think pad i'm not sure who i would go with.

My main complaint with Mac laptops is that &#@& touch pad.

Lisa, that's great news that macs have come down in price so much. I think I'll start looking more closely again. And you're right, the RISC architecture just dances circles around comparable SISC processors like the Intel. Though I do have to say this about Intel... their Xeon processors are absolutely beyond incredible. Our production Oracle server at work is running Linux on dual Zeon 2 GHz processors, and let me tell you.... we benchmarked that thing at 100 X the performance of a similar SUN running Solaris, the world's most notorious resource pig.

Cruciform - Haha, right on man! Nice to know I'm not alone in thinking that OS/2 could have world domination right now if they had just had better marketing. OS/2 Merlin was just a thing of beauty.

Originally posted by Invictus
If you know someone who can hack BSD, please introduce me to them so I can call them a liar right to their face.

http://www.zone-h.org
http://www.zone-h.org/en/stats


BSD systems are exploitable. If you want to be sure that the defaced sites listed are BSD systems, use netcraft's tools to verify.

Most likely the fault of bad system administrators. I was exaggerating on my post, it was meant to be a little tongue-in-cheek. Obviously nothing is hack-proof. But compared to other OSs out there, BSD is known as being the most secure on the market.

here's interesting news http://www.infoworld.com/article/03/10/02/HNmssecsuit_1.html?security

it's about some one sueing MS for releasing such cruddy operating systems.

BSD like most unix/linux systems suffered from ssh vulnerablities amongst other things.

I have a computer that is hack proof... but it doesn't connect to the internet (i'm not even sure it can). :)

Today's news:

The source for Win2K and XP has been leaked.

This will probably lead to several major exploits in the near future.

and maybe some bugfixes!

They won't come nearly as quickly as the exploits. We've worked with them, and they have a standard process for testing that takes time.

Hi everyone:

Wow thought to let a few people see what I wrote and it went wild on so much more information, very cool.

That my 2cents.

Cya...

Tony

99% of problems with home PC's and almost as much are due to opperator error/stupidity/lack of knoweledge/lazyness. It doesnt matter what OS you are running. An up to date virus scanner and firewall are mandatory. Not to mention the thousands of boneheads who get suckered into opening virus laden emails. People need to take responsability for thier computers and educate themselves. Its all fine and dandy to blame microsoft but people need to take some personal liability for thier own computer security.

I havent had an active viruson a PC since I retired my Amiga 1000. More than 9 years ago.

DERRICK:

That is pretty much what I was about to say - qoute on qoute.

Cya...

Tony