That's just not so Eugene - check out Jeff Jones' study of comparative vulnerabilities reported by Red Hat, Microsoft, Ubuntu and Apple OSX. Red Hat, Ubuntu and Apple all have more severe vulnerabilities than Windows Vista or Windows XP, combined. http://blogs.technet.com/security/archiv...ity-report.aspx

Hmm, I have never like the obscurity argument for any platform. Yes, many more people use various flavors of Windows and it is a much "juicier" target these days. Initially there was little business value to exploiting the weaknesses of the Windows OS since the truly mission critical stuff ran on VAX, UNIX or older Mainframe systems. These systems have been networked for years and been demonstrably less vulnerable to many of the exploits pulled on Windows systems. So basically the security problems with older Windows systems were initially exploited for fun and reputation, not profit (this changed when people figured out you could take over machines via email and send spam from a remote machine). On that basis I would have expected people to come out swinging at some of the non-MS stuff just to show it could be done. Results to date indicate that either people aren't trying too hard or non-MS stuff is harder to exploit (interpreting a small/null sample is always a challenge).

Of course MS made it trivially easy for people to find exploits. Initially there was literally no concept of designed in security and while they are improving, security often runs counter to the MS approach to ease of use (let the system automatically do that to ^h^h for you) and creeping (or maybe exploding) featuritis. This is especially true with the MS office suite, mail and IE being so closely integrated with the OS. A vulnerability anywhere can be escalated across the entire environment. At least with non-MS stuff in the loop (as browser or OS) the level of integration and vulnerability is reduced.

Are Linux and MacOS bulletproof? Of course not! But because of various design decisions they are much less vulnerable to the sorts of tomfoolery that Windows has had to put up with. It is much more difficult to escalate an exploit on most non-MS systems to the same degree that you can on a MS platform.

I don't have certifications like yours, and to be blunt in my field they don't mean much, but I do have over 20 years working with lots of Commercial Off The Shelf computing and networking systems while designing, integrating and testing safety critical systems. A lot of this computing stuff is pretty similar to our preparedness discussions - lots and lots of choices with no single answer that works for everyone.

- Eric

Considering the source of the paper I would be shocked if they reached any other conclusion. Jeff Jones works for MS. Having reviewed the paper (and the comments on the site), I would basically say that you can use metrics (measurements) to reach any conclusion you want- you just have to pick the right ones.

- Eric

Ha, <sarcasm> a real unbiased source there </sarcasm>

Microsoft has put out a lot of papers, some show the cost of ownership lower for their software, showing the uptime greater, etc, all of them are good joke material for the whole IT industry.

Like you, I will take my opinion from practical experience. I too have had several computers trashed because of “drive-by downloads” that Internet Explorer lets in and Norton AntiVirus doesn’t even blink at. After reformatting my own computer a couple times because of this, and reformatting several friends’ computers because of this, I whole-heartedly recommend using an alternative browser.

I am now using Firefox, along with the NoScript add-on. The NoScript add-on is only partially for security in my case; it is also fantastic for disabling all the Flash web-junk that makes my piece-of-trash PC even slower. Internet Explorer 7 and 8 may not be as bad as the older versions that were the bane of my experiences, but I would rather not switch from my current setup that I know works and am comfortable with.

I also whole-heartedly recommend avoiding Symantec security software like the plague, although I have heard their newer versions also work much better than the older ones. Although after seeing Norton AntiVirus sit in the system tray right alongside the darned adware download viruses Internet Explorer let in, I have advocated various other antivirus products instead. Eset NOD32 is my current favorite, but my antivirus trial-and-error testing is material for another thread.

Same happened to me, both times were simple typo's in the address bar. This was on my brand new laptop I bought around 2003, was my first XP system. Never got USB to work right or suspend/resume either no matter how many patches or driver updates, both worked nine out of ten times. This was compared to all the Windows 2000 systems I had owned or supported through jobs. I was messing with Linux off and on for about a year and made the switch and am still running that same laptop now, I've replaced the 1 GHz processor with a 1.3GHz, the drive went from 20G to 60G to 120G to 160G, ram at 640M (I still need to order that other 512 to replace the 128) network from pcmcia to 802.11b minipci to 802.11.a/b/g minipci. I need to replace the backlight bulb now as its starting to get dim. I've carried it everywhere and ran it 24x7. I upgrade to the latest version of my distro each time I swap in a bigger drive and it keeps getting faster unlike Windows systems that get slower with age.

Due to most of the nature of my work (computer security related), I am dependent on Windows most of the time. I stay away from IE like the plague and use Firefox (and Google Chrome) instead. For FF, I also use Adblocker, Noscript, Remove it Permanently (great for removing extraneous fluff from websites) and Edexter.

All the pc's regardless of operating systems on my network are routed through a customized Squid proxy server with restricted lists of domains and iptables running on Linux which is forwarded to two routers / firewalls then out to the internet.

Needless to say not only do I feel safe browsing the internet and stopping unwanted TCP/IP incoming traffic, web pages load exceptionally fast with all the ads, flash video etc stripped out of them.

As for Norton....stay away from this product in any incarnation. Better choices out there include NOD32 and Trend Micro.

On a related note, a couple of days ago, Martin Focazio mentioned the Google Chrome browser and he is correct.

Quote
One more thing...
Google Chrome. A good browser for today and a better browser for tomorrow.
Get it. Live it. Love it.
It's CRISP and SIMPLE.
End quote

I also really believe Google Chrome is the browser for today and tomorrow. Once they get one little bug fixed that really effects my work.....I will switch over to it full-time.

I don´t attach much importance to simple tools like browsers and don´t care what people use but I am quite surprised how many people glorify the Chrome browser. This thing is basically created for one reason - to spy on you in order to target advertisements to you. Or who knows what they are doing with all this data or what they will do in the future.

Maybe something has been already "fixed" now but here are some examples what Chrome was like when it came out (maybe something is still included today):

- If I remember correctly the EULA of the software stated something like this: whatever you upload via Chrome browser belongs to the Google. Basically "All your base are belong to us" attitude. I believe the EULA was changed with later versions. But the first EULA says something about Google´s intention.

- Your Chrome installation is associated with unique ID. In order to anonymize your installation you have to use third party application UnChrome. (This behavior is present in Chrome today.)

- Google update service which installs along with Chrome is always running on your computer even if Chrome is not running and cannot be terminated or uninstalled the normal way. (This was somebody´s complaint - I don´t know if it´s 100% true.)

- This is from this thread - http://forum.securitycadets.com/index.php?showtopic=8161&hl



There were also some serious security bugs in Chrome ( http://forum.securitycadets.com/index.php?showtopic=8161&hl ). I don´t know if everything has been fixed now or not.

There are more issues than these, just search "Google Chrome Privacy".

... No, thanks, I will stick with Opera.

P.S.: There is "Iron" browser that is created from open source code of Chromium. It should be almost identiccal to Chrome but with better privacy and maybe other advancements.

This is not any different then any other web site / service. Read their EULA's and privacy agreements.....some make Google's pale in comparison. As for glorifying GC, perhaps you read too far into Martin's comments....I certainly did not and can recognize a good product when I see and use it.


Have you ever read Microsoft's EULA?...thats if you have the money to spend on a high priced lawyer to interpret it for you.


Unique ID's are also present in Microsoft and any other software products that "phone home."


Patently false...unproven hyperbole. It is easy to disable.


FUD, (Fear,Uncertainly, Doubt) Do you use Google, Yahoo, MSN etc with any web browser? Similar or the same info is collected. As for the auto suggest keystroke. You can download numerous code that allows any website to collect the search term info in a database. My work website has this functionality and the last I heard, we nor Google had used keyword auto-completion for any malicious reasons. If you are so worried about privacy, maybe it is time to give up the computer and internet...and while you are at, all your ID, phone numbers, job, friends, your house, bank accounts etc. These people who have and own this information know far more about you then an internet company..


Please....This was fixed sometime ago, next time try to be up to date with a security concern.


Insert any other words you wish and search, there is always someone with crusade against some product or service and has wrote about it....even Opera's


Thats what freedom of choice is all about.