All Things Microsoft > Microsoft Software
Windows Sucks
muzzy:
No update shit? Then why don't we install a few year old openbsd as well? Oh, but that wouldn't be fair now would it? You can slipstream windows installation cds with patches and hotfixes, so that it installs a patched version right off the CD. Isn't that enough?
"Take the security from any angle you want", and we'll find that security is identical, neither system is vulnerable to known remote attacks. We could check historical remote vulnerabilities, in which case openbsd would probably win (unless I considered w2k3 to be firewall enabled). I still remember when they changed their slogan, though. They used to say "No remote holes in default install for x years", and now it's "Only one". I made that joke on irc, that they could change it like that. Everyone laughed, it was funny. And then they really changed it like that...
Either way, theoretical security only applies against threats you define. If we think of all the real world threats out there, there are script kiddies and then there are the insider kind of ones. If you think a script kiddie can hack w2k3, why don't you go attack http://www.hackiis6.com/ instead. They've only patched the system, that's all. Well, and they installed IIS6 to provide some real attack vectors. When you think of insider attacks, the system doesn't matter so much, only how people have been given access to resources and yaddayadda.
Either way, I'd feel OK running a w2k3 box open to the internet. I'd feel secure sitting on it, watching people portscan me while I sip my ice tea with grin on my face. I wouldn't need any third party security software to do so (well, except a sniffer to see the portscans, but that's just added bonus)
BobTheHob:
--- Quote from: muzzy ---No update shit? Then why don't we install a few year old openbsd as well? Oh, but that wouldn't be fair now would it? You can slipstream windows installation cds with patches and hotfixes, so that it installs a patched version right off the CD. Isn't that enough?
"Take the security from any angle you want", and we'll find that security is identical, neither system is vulnerable to known remote attacks. We could check historical remote vulnerabilities, in which case openbsd would probably win (unless I considered w2k3 to be firewall enabled). I still remember when they changed their slogan, though. They used to say "No remote holes in default install for x years", and now it's "Only one". I made that joke on irc, that they could change it like that. Everyone laughed, it was funny. And then they really changed it like that...
Either way, theoretical security only applies against threats you define. If we think of all the real world threats out there, there are script kiddies and then there are the insider kind of ones. If you think a script kiddie can hack w2k3, why don't you go attack http://www.hackiis6.com/ instead. They've only patched the system, that's all. Well, and they installed IIS6 to provide some real attack vectors. When you think of insider attacks, the system doesn't matter so much, only how people have been given access to resources and yaddayadda.
Either way, I'd feel OK running a w2k3 box open to the internet. I'd feel secure sitting on it, watching people portscan me while I sip my ice tea with grin on my face. I wouldn't need any third party security software to do so (well, except a sniffer to see the portscans, but that's just added bonus)
--- End quote ---
I find it funny that you choose all the good parts (which are mostly fictious anyway) and ignore all the obvious important stuff.
1. A script kiddie is just that, a fucking script kiddie, they dont fucking need to know how to hack cuz some lowlife releases tools for them.
2. "(unless I considered w2k3 to be firewall enabled)" your fucking retarded and ignorant. Do you not fucking think most OpenBSD installs have firewalls, I always knew you were stupid.
3. YOU have to worry about local security, cuz you use windows and don't know how to admin it properly, YOU also have to worry about remote security because you use windows. I on the other hand, have all my boxes in lock down, locked cases, passes on the bios's and all user accounts, in the manner of a smart sys-admin.
4. IIS is trash, you should probably use Apache.
muzzy:
1. Script kiddies are still the biggest remote threat to most people. Those, and worms, which are practically automated script kiddies.
2. Well, if we consider firewalled w2k3 vs any OS, I don't think either one will have ANY remote vulnerabilities if the system is passive to any communication attempts. You'd need to have the system connect somewhere first before you could think of remote vulns, and openbsd doesn't count those as "remote" either.
3. So we're now comparing competent *nix admin to incompetent win* admin? It's obvious which one is better, and it doesn't have anything to do with OS, but the level of competence. Apples to oranges...
4. Apache is trash on windows, as is a lot of other stuff. They've been developed on *nix, without any concern to performance on win32 environment. There are lots of things in windows which allow you to write a high performance web server, and apache isn't using them (afaik). Also, since the developers are so *nix-centric, there have been security holes in apache which only apply to the windows version. For example, a hardcoded '/' directory separators. At least IIS performs fast, it's loathed only because of its history of security holes. Apache has had a lot of security holes as well, yet nobody ever cares to mention about them, even the critical remote code execution holes...
So, I chose "all the good parts" and ignored obvious stuff? If your statements above are the obvious stuff, you're basically saying that windows sucks because windows users suck, among other things.
Aloone_Jonez:
--- Quote from: muzzy ---Anti-virus isn't a software, it's a service. Next you'll be bitching that you can't get network connectivity without paying to third party, either! Boo hoo.
Windows doesn't need antivirus to be secure.
Windows doesn't need third party firewall to be secure.
Windows works just fine out of the box, as long as you're installing a version with latest service pack and so on.
Anyway, if you define "third party" as in "Separate download", we indeed won't be getting anywhere. Even though Redhat and others distribute software, they haven't made it and it's not their software. They just have the right to redistribute it.
Now, if you're trying to make this issue bigger than it is and say it affects Windows negatively, there's nothing to discuss. In my opinion, you just can't compare the two. If you're saying that Microsoft's monopoly on their own OS is a bad thing, we can discuss that. I'd indeed love it if people could make their own Windows installation CDs with loads of software on them. This would put different specific distributions comparable again.
Windows as an operating system kicks ass and wins linux in most tasks severely. The problem here is that you're comparing apples to oranges, comparing GNU system loaded with shitloads of third party software to a Microsoft operating system with no third party software. Obviously, if you choose what to compare to what and under what terms, you can make anything win or lose upon will. What's the point?
--- End quote ---
So why was it when I first got my PC with a Windows OEM install I got the netsky worm when I went on the Internet?
The supplyier said the anti-virus was up to date but it wasn't.
muzzy:
--- Quote from: Aloone_Jonez ---So why was it when I first got my PC with a Windows OEM install I got the netsky worm when I went on the Internet?
The supplyier said the anti-virus was up to date but it wasn't.
--- End quote ---
So, the supplier was clueless and didn't provide you a patched system. Tough luck, that's not Microsoft's fault. You could've just as well bought insanely old red hat, and observed it dying on you when you connected it to the internet, woo-pe-doo.
Either way, the first thing you're supposed to do with a new computer (no matter what OS), is to check that it's patched up to date. This can be hard without connecting it to the internet first, but that's not a Windows-specific problem. Back in the old days, when linux remote crashing bugs got published, a friend of mine had to download patches to his linux system with his windows installation. It simply wasn't possible for him to download them with linux, since he was under constant flood of the attack.
That's just the nature of the problem, deal with it. Has nothing to do with anti-virus.
Navigation
[0] Message Index
[#] Next page
[*] Previous page
Go to full version