WINDOWS, interesting read.

[BOAS_N_PYTHONS]

Hi there just something I read last night and thought interesting for anyone wonder same things.

Just copied and pasted it from what I read:


Microsoft apparently sat on a serious Windows OS vulnerability for six months before announcing the availability of a fix today. One analysts calls the latest exploit one of the "most serious Microsoft vulnerabilities ever released". "The breadth of systems affected is probably the largest ever," says Marc Maiffret of eEye Digital Security, the firm that first discovered the vulnerabilities. "This is something that will let you get into Internet servers, internal networks, pretty much any system."

The Microsoft advisory warns that a ASN.1 (abstract syntax notation) vulnerability could allow remote code execution on versions of the company's XP/NT/2000 operating systems. While there are no documented cases of attacks yet, security experts expect hackers to take advantage of the vulnerabilities in a matter of weeks or less. They also warn that the exploit's severity (and the potential in some cases for attackers to bypass firewalls) could make worms like Nimda and Code Red look like heavily sedated kittens compared to what's coming.

Maiffret tells the Associated Press the 6 month delay after the group notified Microsoft was "just totally unacceptable" because Windows users were left vulnerable. Microsoft security executive Stephen Toulouse says the company "took the steps to make sure our investigation was as broad and deep as possible." The patch is available via Windows Update. The exploit may bring renewed debate over whether or not making Windows Update an automatic feature is a good idea.

Cya...

Tony

[Lisa]

That's old news, windows will always have issues with security.

[Invictus]

Yes, and too many people fail to take the vulnerabilities seriously, and that is why things like the Blaster worm are still running rampant.

[Lisa]

Quote:

Originally posted by Invictus
Yes, and too many people fail to take the vulnerabilities seriously, and that is why things like the Blaster worm are still running rampant.

when more people get charged for their computers being used in ddos attacks and repositories for illegal files maybe people will think twice.

[marisa]

"maybe people will think twice"

Yeah and get Linux!

I am learning now and my boyfriend is totally been into it for years and recently did his courses for it (Work related so the job paid for the certifications! that was nice! ) and so far I find it amazingly more "usable" if that makes sense, and far superior to windows in so many aspects I can't even list them all here.

Marisa

[Lisa]

Linux has it's own issues, though it's a sight more secure then windows.

[marisa]

Well considering some of the largest companies in the world are switching to linux, including a very large company my boyfriend works for, it has far less issues than windows for them and their uses at least. I am sure the benefits are different for a small business, or home user. Windows is a horrid product in comparison just from the basics I have seen so far.

Marisa

[Cruciform]

The problem with Microsoft is that they have a strict testing schedule for all software, including fixes for exploits. They just try to keep it quiet as long as possible and hope it doesn't spread too quickly once it's announced on the CERT list.

A lot of people will swear by Linux for security, but unless you know your way around the distro you use you're no better off than you would be using windows. Sometimes worse, because there is that false sense of security. Best configuration is to set your firewall to paranoid to start with and then unlock ports as you need them

[Lisa]

Personally I like macs for their security, by default services are turned off and have to be manually turned on. This doesn't mean they are bullet proof and perfect for everyone, but it does make them more secure then windows (and sometimes linux) counterparts. If only OSX ran on my thinkpad.

[Siretsap]

Which ever os you use, there are always goods and cons.
Windows is crappy in my opinion, but yet, it's everywhere and compatible with almost everything.
Linux isn't as popular and you can have lot's of problems configuring things on it. It's more personalisable than windows and is widly used to hack but can as easaly be hacked as windows.
Knoppix (a GNU/Linux distribution that boots and runs from a cd) is an other option I really like to have 2 os on the same system at a time. I use it more and more and will never go back to only one os.

Mac... well mac is a mac, you like it or hate it. I don't like it, never will, and it isn't as secure as people think it to be. It is very good for graphic designs and is widly used in marketting technologies.

The problem with people is they tend to get caught up in many many goof and crappy add on programs that will supposively protect and all. If I had it my way, every internet connection would have a physical firewall on it and an integrated anti-virus to go with it. Would slow down the virus spreading.

[Invictus]

If I could afford a Mac, I'd have one for sure. But, I'm a graphic designer, so of course I love Macs. In the mean time, until Adobe and Macromedia products are available on Linux, I'm stuck with Microsloth WinBlows.

Siretsap - I can tell you're not a hardcore geek if you think that a Mac is not as secure as people think. The new MacOS is based on BSD Unix - known as the Fort Knox of operating systems. If you know someone who can hack BSD, please introduce me to them so I can call them a liar right to their face.

Also, saying Linux is as easy to hack as Windows is absolutely silly. Why is it that there are only a FEW known viruses for Linux?

[marisa]

Invictus....if you are ever interested in using Linux but are not because of Adobe check into http://www.gimp.org/

Mind you obviously Adobe rocks but I couldn't BELIEVE how amazing GIMP is. It does almost everything Adobe does. But on Linux. Check it out sometime.

Marisa

[Cruciform]

Viruses and root exploits are two different things.

If you give a typical consumer a windows CD and a Linux CD and have them install both, neither system will be secure. An OS is only as strong as it's weakest link, and that is always the user. There are regular root exploits of linux announced on CERT and other security lists. All the user needs to do is keep on top of the hotfixes and updates. The average user won't.


OpenBSD is our office firewall. One root exploit in 10 years in the out-of-the box release is a hell of a good record.

We got a new dual-G5 at work today for development. It's a sweet machine. If Macs weren't so overpriced I'd get one. The stability of a BSD based OS, combined with the Apple's interface design isn't a bad thing. Although my intense love of gutting my hardware regularly to upgrade or tweak would have to find a new outlet

[tHeGiNo]

Agreed, Marissa. GIMP came strongly recommended to me through a cousin of mine, who is a graphic designer / software producer.

[marisa]

Yeah and the best part about it is, it's free!

Marisa