OSDev.org

frank wrote:So if you don't like Microsoft or Windows don't use it and don't complain about the fact that there are 100,000 people looking for ways to hack windows and 40 looking for ways to hack everything else.

I really don't think that the reason there are so many security holes found in Windows is that the operating system is under too much scrutiny. Unix/Linux still make up a sizable share of the server market (I remember reading 30% recently, but don't quote me on that), and it would be worthwhile for hackers to target 30% of servers.

I think one of the reasons that Windows has so many discovered security vulnerabilities is best summed up here. I personally don't think its a good idea to keep bugs and hacks in an operating system just so a buggy application works. It seems like a recipe for disaster, since dirty hacks tend to be open to buffer overflows and similar security vulnerabilities.

In any case, the biggest security vulnerability in a Windows system is a design choice, not a bug. Until Vista, most users ran on administrator accounts, and as soon as a piece of malware was able to run some code the computer was under it's control. In Vista, there is at least an effort with UAC to keep normal programs from gaining full access. This was a case of too little, too late because many applications already did things like write configuration files in their installation directories that now require elevation. Almost anyone who uses Vista is trained to just hit the 'Yes' button when UAC warns them, since it pops up so often.

Linux/Unix use a similar system with su/sudo, but at least programs on these operating systems know their limitations and don't require too much privilege escalation. If a program on Linux asks me for root privileges, and it doesn't seem like it should be doing anything that needs it, I take a look before I hit OK. But if a virus on my Windows machine threw a UAC elevation request at me, I would just assume its okay because I see it so often and I can't look up all of them.

JohnnyTheDon wrote:

frank wrote:So if you don't like Microsoft or Windows don't use it and don't complain about the fact that there are 100,000 people looking for ways to hack windows and 40 looking for ways to hack everything else.

I really don't think that the reason there are so many security holes found in Windows is that the operating system is under too much scrutiny. Unix/Linux still make up a sizable share of the server market (I remember reading 30% recently, but don't quote me on that), and it would be worthwhile for hackers to target 30% of servers.

I think one of the reasons that Windows has so many discovered security vulnerabilities is best summed up here. I personally don't think its a good idea to keep bugs and hacks in an operating system just so a buggy application works. It seems like a recipe for disaster, since dirty hacks tend to be open to buffer overflows and similar security vulnerabilities.

In any case, the biggest security vulnerability in a Windows system is a design choice, not a bug. Until Vista, most users ran on administrator accounts, and as soon as a piece of malware was able to run some code the computer was under it's control. In Vista, there is at least an effort with UAC to keep normal programs from gaining full access. This was a case of too little, too late because many applications already did things like write configuration files in their installation directories that now require elevation. Almost anyone who uses Vista is trained to just hit the 'Yes' button when UAC warns them, since it pops up so often.

Linux/Unix use a similar system with su/sudo, but at least programs on these operating systems know their limitations and don't require too much privilege escalation. If a program on Linux asks me for root privileges, and it doesn't seem like it should be doing anything that needs it, I take a look before I hit OK. But if a virus on my Windows machine threw a UAC elevation request at me, I would just assume its okay because I see it so often and I can't look up all of them.

Try out Comodo, it's annoying at first but once it's trained it'll keep your system safe.