I was really tickled to read a tweet from someone in the Seattle area who wanted to run some new fangled (but time-bombed though) MS operating system on his new machine. Apparently he “could not find an anti-virus product” for that new fangled operating system. My question really is, why is it that in the year 2009, Microsoft cannot make operating systems that do not ever need anti-virus software? It cannot build any operating system that is safe and virus-proof?
I know of many individual engineers in Microsoft and I know that they are competent and intelligent. Their respective intelligence and diligence I think does not hold out to the collective intellectual failure of management and product marketing in that organization which leads them to constantly put out operating systems that are so far below par, that it continues to be a running industry joke – even after almost 19 years after win3.0 was released. #fb
If Linux was the dominant operating system in the world by a similar degree to Windows’ dominance, you can bet there’d be a good many viruses for it. Maybe it wouldn’t be as bad, but Windows suffers a lot from being the biggest target, quite apart from its history of insecurity.
Sorry, you are completely wrong. If I were to go by your analogy, then Apache will be rife with isssue given the fact that it is the largest deployed webserver on the planet. And yet, it is IIS that is thrashed. It is NOT the number of people using a tool that determines if it is at risk, it has to do with how the tool is built and designed in the first place. Windows is not, Linux is.
As much as I would like to bash Microsoft…
this is not an area where I can bash them.
1) Anti-virus software is mostly malware detection these days. Most true viruses come in waves with most of the stuff that causes problems are worms or other malware. Companies sell it as anti-virus because it is sexier than anti-malware or deworming.
2) The areas that are problems in say IIS are mostly the same in Apache.. connectors to other programs. Having watched several waves of ‘worms’ take out various Linux web boxes over the last six months.. Linux has its own problems. All of the worms used either programs or problems in mod_xxx to get out of the program and replicate itself.
3) Most of the ssh brute-force worms are based off of Linux boxes. The usual responses I get when informing people they have a problem is:
a) We can’t. We run Linux
b) Viruses don’t run on Linux (even if I don’t say its a virus).
c) Maybe some windows box is spoofing our Linux box.
d) Oh crap..
The issue is that technically Linux is more resitant to viruses but has its own problems with ssh-worms and spam servers… and people who throw stones at glass houses inevitably get cut the worst way.
Re: As much as I would like to bash Microsoft…
Thanks, Smooge for the good comments.
I do think that MS is really trying hard to lock down their systems – they have to. It still appears that they are not helping their own cause with the ongoing image.
+1 smooge
I agree entirely with smooge. It is not possible to build a “safe and virus-proof” general-purpose operating system. I wrote a post on the topic a while back:
http://www.happyassassin.net/2009/01/20/on-linux-securityon-linux-security/
Re: +1 smooge
Gah.
http://www.happyassassin.net/2009/01/20/on-linux-security
Re: +1 smooge
Adam –
Thanks for your post and your blog entry. It is indeed very true that anything can happen to any computer no matter what. The real question one has to answer is the degree of ease a system can be compromised. I once had a RHL8 machine rooted – all because I had shared the root password with someone who was ever too keen to install stuff willy-nilly.
As with managing the H1N1 situation, it is all about minimizing risks by smart practises. If the underlying condition of a person infected by H1N1 is one of weakness (perhaps has a diabetic condition, or an asthmaic situation or HIV), then the person is of elevated risk of dying.
I would argue that in the Linux/Unix world, that is not the situation we are in. There isn’t an underlying weakness. Like you point out, the multi-userness of the operating system mitigates the damage and tends to be bounded by the home directory of the user. This, rather simplistic model, is not even available in that Redmond OS. There are many reasons for that (initial poorly thoughtout design, legacy systems etc etc), but to persist with that model in 2009 is, IMHO, appaling.
So, yes, Linux/Unix is not and never can be 100% secure (and no one ever said it would be), but given a choice, I will go with that than Windows.
People
Operating system security isn’t the only factor in the spread of viruses.
You can create a very successful virus that gets what it needs by asking nicely…
Granted, it won’t infect as many machines… but as long as there are inexpert users there will be malware that gets them just by asking, this is a vulnerability that means anti-virus type software will always be needed for the mass market
This so-called “operating system that [is] so far below par” and a “running industry joke” has about 70-80% market share today.
I’m sure companies like Apple and RedHat would love to be that in that industry joke position to have that kind of market share, won’t they? 🙂
And how did they get into that percentage of marketshare? Plain and simple monopolistic business practises. They coerced, confused and plain threatened OEMs. ’nuff said.
thanks
http://www.pogramlar1.com