Re: Microsoft security risk

Discussion in 'NZ Computing' started by Chris Wilkinson, Sep 27, 2003.

  1. Hi there,

    dOTdASH wrote:
    > "Peter" <> wrote in message
    > news:...
    >
    >>Some security experts have concluded that the Microsoft monoculture is a
    >>major security risk to society, particularly with the less knowledgable
    >>home users, who are now getting better computers and broadband

    >
    > connections.
    >
    >>The solution is to avoid Microsoft software, especially with important

    >
    > data
    >
    >>and functions, such as government and public utilities.
    >>
    >>Report by the Computer & Communications Industry Association (CCIA)
    >>http://www.ccianet.org/papers/cyberinsecurity.pdf
    >>
    >>
    >>Peter

    >
    > None of my Windows PC's has suffered from a worm or virus attack in the 10
    > or so years since I first connected one to the internet. Security is about
    > process *not* product.


    I presume you are technically oriented, and have the smarts to realise
    that security really is an issue for anyone wanting to net on a Win PC.

    If so you are probably representative of only the top 10% of intelligent
    lifeforms currently using Windows. Christ people knock me for not having
    'paper' Microsoft Word skills, but these people don't even know what a
    virus checker is, or why they should have one...until its too late...

    Kind regards,

    Chris Wilkinson, Christchurch.
     
    Chris Wilkinson, Sep 27, 2003
    #1
    1. Advertising

  2. Chris Wilkinson

    dOTdASH Guest

    "Chris Wilkinson" <> wrote in message
    news:...
    > Hi there,
    >
    > dOTdASH wrote:
    > > "Peter" <> wrote in message
    > > news:...
    > >
    > >>Some security experts have concluded that the Microsoft monoculture is a
    > >>major security risk to society, particularly with the less knowledgable
    > >>home users, who are now getting better computers and broadband

    > >
    > > connections.
    > >
    > >>The solution is to avoid Microsoft software, especially with important

    > >
    > > data
    > >
    > >>and functions, such as government and public utilities.
    > >>
    > >>Report by the Computer & Communications Industry Association (CCIA)
    > >>http://www.ccianet.org/papers/cyberinsecurity.pdf
    > >>
    > >>
    > >>Peter

    > >
    > > None of my Windows PC's has suffered from a worm or virus attack in the

    10
    > > or so years since I first connected one to the internet. Security is

    about
    > > process *not* product.

    >
    > I presume you are technically oriented, and have the smarts to realise
    > that security really is an issue for anyone wanting to net on a Win PC.
    >
    > If so you are probably representative of only the top 10% of intelligent
    > lifeforms currently using Windows. Christ people knock me for not having
    > 'paper' Microsoft Word skills, but these people don't even know what a
    > virus checker is, or why they should have one...until its too late...
    >
    > Kind regards,
    >
    > Chris Wilkinson, Christchurch.
    >


    Good point but a person's intelligence is not dependant upon the OS they
    install. Just imagine if all those non-technical people were using Linux.
    "Mayhem" is the word that springs to mind.
     
    dOTdASH, Sep 27, 2003
    #2
    1. Advertising

  3. Chris Wilkinson

    Gordon Guest

    On Sat, 27 Sep 2003 18:52:39 +1200, dOTdASH wrote:

    > Good point but a person's intelligence is not dependant upon the OS they
    > install. Just imagine if all those non-technical people were using Linux.
    > "Mayhem" is the word that springs to mind.


    Nevertheless, I would like to see the day.

    --
    Gordon

    Google knows where to find things, ask at http://www.google.com
    Works for me, will work for you, so be it.
     
    Gordon, Sep 27, 2003
    #3
  4. Hi there,

    dOTdASH wrote:
    > "Chris Wilkinson" <> wrote in message
    > news:...
    >
    >>Hi there,
    >>
    >>dOTdASH wrote:
    >>
    >>>"Peter" <> wrote in message
    >>>news:...
    >>>
    >>>
    >>>>Some security experts have concluded that the Microsoft monoculture is a
    >>>>major security risk to society, particularly with the less knowledgable
    >>>>home users, who are now getting better computers and broadband
    >>>
    >>>connections.
    >>>
    >>>
    >>>>The solution is to avoid Microsoft software, especially with important
    >>>
    >>>data
    >>>
    >>>
    >>>>and functions, such as government and public utilities.
    >>>>
    >>>>Report by the Computer & Communications Industry Association (CCIA)
    >>>>http://www.ccianet.org/papers/cyberinsecurity.pdf
    >>>>
    >>>>
    >>>>Peter
    >>>
    >>>None of my Windows PC's has suffered from a worm or virus attack in the

    >>

    > 10
    >
    >>>or so years since I first connected one to the internet. Security is

    >>

    > about
    >
    >>>process *not* product.

    >>
    >>I presume you are technically oriented, and have the smarts to realise
    >>that security really is an issue for anyone wanting to net on a Win PC.
    >>
    >>If so you are probably representative of only the top 10% of intelligent
    >>lifeforms currently using Windows. Christ people knock me for not having
    >>'paper' Microsoft Word skills, but these people don't even know what a
    >>virus checker is, or why they should have one...until its too late...
    >>
    >>Kind regards,
    >>
    >>Chris Wilkinson, Christchurch.

    >
    > Good point but a person's intelligence is not dependant upon the OS they
    > install. Just imagine if all those non-technical people were using Linux.
    > "Mayhem" is the word that springs to mind.


    Couldn't be any worse than the mayhem caused by recent rounds of viruses
    like W32.Swen.@@ rampaging across Windows systems around the globe. If
    you wanna think the Linux experience is an anorak-wearing, keyboard
    calisthenics, geek experience, go on...keep deluding yourself, but you
    seem to be coming from the default perspective of Windows devotees who
    think Linux sucks cos it isn't Windows. Thats why it doesn't suck, so
    if you need familiarity and are prepared to forgoe choice, stick with
    Windows...some of us want to have more choice than that...

    Kind regards,

    Chris Wilkinson, Christchurch.
     
    Chris Wilkinson, Sep 27, 2003
    #4
  5. Chris Wilkinson

    Max Burke Guest

  6. Hi there,

    Max Burke wrote:
    >>Chris Wilkinson scribbled:
    >>I presume you are technically oriented, and have the smarts to realise
    >>that security really is an issue for anyone wanting to net on a Win
    >>PC.

    >
    > http://www.viruslist.com/eng/viruslistfind.asp?findWhere=011&findTxt=linux


    Most of the articles on the other sites are speculative, and talk about
    what if's? Viruslist.com OTOH lists some known virii, but if you read
    about them you will see most are harmless and only basically replicate
    themselves across systems. Buffer overun is an issue seldom left unfixed
    by software authors, and is equivalent to a Window (pun intended) of
    opportunity the size of a needle in a haystack.

    Unfortunately the same cannot be said of Windows virii, many of which
    are capable of crippling entire networks of Windows machines...

    Your point with all these links was?

    Kind regards,

    Chris Wilkinson, Christchurch.
     
    Chris Wilkinson, Sep 28, 2003
    #6
  7. Hi there,

    Max Burke wrote:
    >>Chris Wilkinson scribbled:
    >>I presume you are technically oriented, and have the smarts to realise
    >>that security really is an issue for anyone wanting to net on a Win
    >>PC.

    >
    > http://www.viruslist.com/eng/viruslistfind.asp?findWhere=011&findTxt=linux


    That site contains virus info containing the word 'linux' for around 30
    viruses in total...

    This site tells us 10-15 are created every day...

    http://news.bbc.co.uk/1/hi/technology/3150351.stm

    In two days more viruses are created to infect Windows PC's than exist
    in TOTAL for linux...

    Kind regards,

    Chris Wilkinson, Christchurch.
     
    Chris Wilkinson, Sep 28, 2003
    #7
  8. Chris Wilkinson

    Peter Guest

    this quote is from Chris Wilkinson of Sun, 28 Sep 2003 13:37 :
    > Max Burke wrote:
    >>

    http://www.viruslist.com/eng/viruslistfind.asp?findWhere=011&findTxt=linux
    >
    > Most of the articles on the other sites are speculative, and talk about
    > what if's? Viruslist.com OTOH lists some known virii, but if you read
    > about them you will see most are harmless and only basically replicate
    > themselves across systems.


    More than that, these malware only work if you run them with root
    privileges, they simply don't work for ordinary users.
    OK, given time, maybe we'll get enough ignorant people running Linux as
    root. But even then, it is a simple thing to learn (ie not run as root).
    There is no easy way for Windos users to avoid viruses to this extent.

    Furthermore, if Linux viruses are as prevalent as Max would has us believe,
    how come all those worms probing my ports are looking for Windows exploits,
    not Linux?

    Linux isn't immune to malware, it is just _much_ more resistant.


    Peter
     
    Peter, Sep 28, 2003
    #8
  9. Chris Wilkinson

    Max Burke Guest

    > Chris Wilkinson scribbled:
    > I presume you are technically oriented, and have the smarts to
    > realise that security really is an issue for anyone wanting to net
    > on a Win PC.


    snip....

    > Your point with all these links was?


    I presume you are technically oriented, and have the smarts to realise
    that security really is an issue for *anyone* wanting to net on *ANY PC
    no matter WHAT OS they use.*

    --
    mlvburke@#%&*.net.nz
    Replace the obvious with paradise to email me.
    See Found Images at:
    http://homepages.paradise.net.nz/~mlvburke/
     
    Max Burke, Sep 28, 2003
    #9
  10. Chris Wilkinson

    Lennier Guest

    On Sun, 28 Sep 2003 13:47:49 +1200, Chris Wilkinson wrote:

    > In two days more viruses are created to infect Windows PC's than exist in
    > TOTAL for linux.


    And, Linux viruses do not easily survive in the "wild".

    In fact, IIRC, no Linux virus has successfully infected and propagated
    itself in the wild.

    Lennier
     
    Lennier, Sep 28, 2003
    #10
  11. Hi there,

    Max Burke wrote:
    >>Chris Wilkinson scribbled:
    >>I presume you are technically oriented, and have the smarts to
    >>realise that security really is an issue for anyone wanting to net
    >>on a Win PC.

    >
    > snip....
    >
    >>Your point with all these links was?

    >
    > I presume you are technically oriented, and have the smarts to realise
    > that security really is an issue for *anyone* wanting to net on *ANY PC
    > no matter WHAT OS they use.*


    Thats true. But even if my PC wasn't secured by a firewall what is the
    likelihood that W32.SoBig and all the other Windows related virii would
    even be remotely of concern to me?

    My Linux firewall is there preventing online hacking, but I don't use or
    need a virus checker. Try making your Win PC survive any more than a few
    days on the net without your AV software...impossible!

    Kind regards,

    Chris Wilkinson, Christchurch.
     
    Chris Wilkinson, Sep 28, 2003
    #11
  12. Chris Wilkinson

    Max Burke Guest

    > Chris Wilkinson scribbled:

    >> Max Burke wrote:
    >> I presume you are technically oriented, and have the smarts to
    >> realise that security really is an issue for *anyone* wanting to net
    >> on *ANY PC no matter WHAT OS they use.*


    > Thats true. But even if my PC wasn't secured by a firewall what is the
    > likelihood that W32.SoBig and all the other Windows related virii
    > would even be remotely of concern to me?
    > My Linux firewall is there preventing online hacking, but I don't use
    > or need a virus checker. Try making your Win PC survive any more than
    > a few days on the net without your AV software...impossible!


    You know what Chris.....
    If I have to be an 'advocate' for linux like you in in this newsgroup I
    will NEVER be a linux 'advocate' let alone a user of Linux.

    You do NOTHING to advocate for linux with attitudes like this; You just
    make yourself look stupid, an idiot, and most of all give linux a bad
    name.
    It's apparent that many Linux [ab]users (like yourself) seem to believe
    this is the best and *ONLY* way to be an adovcate for Linux.
    It isn't.

    It turns most people off from ever considering Linux, mostly because we
    dont want to be an 'advocate' like *you.*

    Isn't it about time you grew up?

    So here's what it does mean: Linux is a normal operating system; so is
    XP. Both have bugs, some major, some minor. Anyone who tells you that
    Linux is "inherently more secure" or "much less buggy" than XP simply
    isn't working from current facts. The reality is that bugs happen, even
    in Linux: Get over it.
    http://www.informationweek.com

    --
    mlvburke@#%&*.net.nz
    Replace the obvious with paradise to email me.
    See Found Images at:
    http://homepages.paradise.net.nz/~mlvburke/
     
    Max Burke, Sep 28, 2003
    #12
  13. Chris Wilkinson

    Lennier Guest

    On Sun, 28 Sep 2003 22:44:17 +1200, Max Burke wrote:

    > You do NOTHING to advocate for linux with attitudes like this; You just
    > make yourself look stupid, an idiot, and most of all give linux a bad
    > name.


    Hmmm...

    So you cannot address the fact that Linux is superior than Windows,
    therefore you attack the person who made that point.

    The simple fact is that there are no viruses in the wild for Linux.

    Linux, therefore, is the better system for use as a firewall - better than
    any version of Windows.

    Lennier
     
    Lennier, Sep 28, 2003
    #13
  14. Chris Wilkinson

    pbs Guest

    Lennier wrote:
    > On Sun, 28 Sep 2003 13:47:49 +1200, Chris Wilkinson wrote:
    >
    >
    >>In two days more viruses are created to infect Windows PC's than exist in
    >>TOTAL for linux.

    >
    >
    > And, Linux viruses do not easily survive in the "wild".
    >
    > In fact, IIRC, no Linux virus has successfully infected and propagated
    > itself in the wild.


    The slapper worm did (september 2002):
    http://msn-cnet.com.com/2104-1001_3-958758.html?tag=bplst
     
    pbs, Sep 28, 2003
    #14
  15. "Max Burke" <mlvburke@%$%#@.nz> wrote in message
    news:hYydb.4282$...
    > > Chris Wilkinson scribbled:

    >
    > >> Max Burke wrote:
    > >> I presume you are technically oriented, and have the smarts to
    > >> realise that security really is an issue for *anyone* wanting to net
    > >> on *ANY PC no matter WHAT OS they use.*

    >
    > > Thats true. But even if my PC wasn't secured by a firewall what is the
    > > likelihood that W32.SoBig and all the other Windows related virii
    > > would even be remotely of concern to me?
    > > My Linux firewall is there preventing online hacking, but I don't use
    > > or need a virus checker. Try making your Win PC survive any more than
    > > a few days on the net without your AV software...impossible!

    >
    > You know what Chris.....
    > If I have to be an 'advocate' for linux like you in in this newsgroup I
    > will NEVER be a linux 'advocate' let alone a user of Linux.
    >


    You wouldn't be any good at it Max
    Its a good idea to protect a Windows computer or any other computer with a
    non Windows separate firewall.
    There is no guarantee that the Windows built in firewall won't be
    compromised or switched off by a virus or exploit.
    There are plenty of embedded hardware firewall boxes available now.
    Internally they have Linux or BSD kernels.
    I know Windows software developers that keep all their files on a Debian
    samba server with backups.
    They develop internal risk audit software used by banks and corporations.
    One of the risks is that of a computer virus propagating in their internal
    network. They have VPN to offices in Toronto, London etc. They run Symantec
    AV corporate edition, but there is a risk now that a virus will propagate
    faster than the AV definition of it. So they back up their Windows desktops
    to debian Linux servers, use Linux for everything outside the Linux
    firewall. They have no intention of changing the desktops and notebooks from
    Windows.
    But they know Linux keeps their data safe.
     
    Olson Johnson, Sep 28, 2003
    #15
  16. Chris Wilkinson

    T.N.O. Guest

    "Chris Wilkinson" wrote
    > Try making your Win PC survive any more than a few
    > days on the net without your AV software...impossible!


    I actually did this during the blaster outbreak... didn't effect me.
     
    T.N.O., Sep 29, 2003
    #16
  17. Chris Wilkinson

    T.N.O. Guest

    "Lennier" wrote
    > So you cannot address the fact that Linux is superior than Windows,
    > therefore you attack the person who made that point.


    Depends on the use.

    > The simple fact is that there are no viruses in the wild for Linux.


    From memory there were 3... I cant name them, as I have no idea where I read
    such info, all that was lost was user data...

    > Linux, therefore, is the better system for use as a firewall - better than
    > any version of Windows.


    well that depends, really you could argue till the cows come home about this
    one... infact, probably a dedicated firewall would be better than a linux
    box at firewalling, but at what cost(meaning $$$, usability, extra features)
     
    T.N.O., Sep 29, 2003
    #17
  18. Chris Wilkinson

    AD. Guest

    On Mon, 29 Sep 2003 08:08:30 +1200, pbs wrote:

    > Lennier wrote:
    >> On Sun, 28 Sep 2003 13:47:49 +1200, Chris Wilkinson wrote:
    >>
    >>
    >>>In two days more viruses are created to infect Windows PC's than exist
    >>>in TOTAL for linux.

    >>
    >>
    >> And, Linux viruses do not easily survive in the "wild".
    >>
    >> In fact, IIRC, no Linux virus has successfully infected and propagated
    >> itself in the wild.

    >
    > The slapper worm did (september 2002):
    > http://msn-cnet.com.com/2104-1001_3-958758.html?tag=bplst


    I know the media mixes them up all the time, but worms and viruses really
    are different beasts.

    A worm is a program that copies itself to other computers via an exploit
    of some sort. ie it spreads itself over a network, and runs itself.

    A virus is code that infects other programs (or files eg word docs) that
    are present within a computer. ie it gets triggered by a user running an
    infected executable, loads itself into memory and infects other programs.

    Note that a hybrid nasty could be both a worm and a virus.

    Nobody claims Linux doesn't get affected by worms, but it is entirely
    reasonable to claim it doesn't get affected by viruses (except in the lab).

    One difference between Windows and Linux that makes email viruses easier
    on Windows, is that Windows uses a file extension to check whether
    something should be executable. On unix like systems, the user has to
    explicitly give a file execute permissions before it can be run.

    Whether windows thinks something is executable or not is in the
    hands of whoever named the file/attachment (ie outside your control),
    while on unix it's in your control. Hence the classic joke about the unix
    honour system virus.

    Worms typically spread via software exploits, while viruses tend to be
    triggered by user actions. Nearly all viruses these days spread via email
    - the old boot sector and word doc variants don't seem so popular anymore.

    Cheers
    Anton
     
    AD., Sep 29, 2003
    #18
  19. Chris Wilkinson

    AD. Guest

    On Mon, 29 Sep 2003 13:20:41 +1200, T.N.O. wrote:

    > "Chris Wilkinson" wrote
    >> Try making your Win PC survive any more than a few days on the net
    >> without your AV software...impossible!

    >
    > I actually did this during the blaster outbreak... didn't effect me.


    Yeah, AV software could be described as defence against user error
    (errors of judgement) rather than viruses.

    If you aren't stupid enough to run a virus, you don't need AV software. AV
    software can be a case of the cure being worse than the disease in terms
    of system stability and resource sapping - unless of course you do
    actually attempt to run viruses occasionally.

    Cheers
    Anton
     
    AD., Sep 29, 2003
    #19
  20. Chris Wilkinson

    T.N.O. Guest

    "AD." wrote
    > If you aren't stupid enough to run a virus, you don't need AV software.


    yes and no... they are kinda like airbags, you shouldn't need them, but it
    cant hurt(too much) to have one there anyway.

    and on that note, I read about a guy who was driving home drunk, and
    drinking at the time, ran into a lamp post, and the airbag shoved the bottle
    down his throat, cutting off his air supply... hows that for a nasty way to
    die. yck...
     
    T.N.O., Sep 29, 2003
    #20
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Steve Young

    Windows Media Player 9 is a security risk

    Steve Young, Oct 22, 2003, in forum: Digital Photography
    Replies:
    230
    Views:
    3,233
    Mxsmanic
    Nov 10, 2003
  2. Wireless Devices - Security Risk?

    , Jun 9, 2004, in forum: Computer Security
    Replies:
    1
    Views:
    458
    Colonel Flagg
    Jun 9, 2004
  3. Rob Slade, doting grandpa of Ryan and Trevor

    REVIEW: "Information Security Risk Analysis", Thomas R. Peltier

    Rob Slade, doting grandpa of Ryan and Trevor, Jun 21, 2004, in forum: Computer Security
    Replies:
    0
    Views:
    726
    Rob Slade, doting grandpa of Ryan and Trevor
    Jun 21, 2004
  4. Nathan Mercer

    Re: Microsoft security risk

    Nathan Mercer, Sep 26, 2003, in forum: NZ Computing
    Replies:
    39
    Views:
    826
    T.N.O.
    Sep 30, 2003
  5. Nathan Mercer

    Re: Microsoft security risk

    Nathan Mercer, Oct 1, 2003, in forum: NZ Computing
    Replies:
    4
    Views:
    389
    Mainlander
    Oct 2, 2003
Loading...

Share This Page