Bonum Certa Men Certa

UNIX/Linux Offer More Security Than Windows: Evidence

"Two security researchers have developed a new technique that essentially bypasses all of the memory protection safeguards in the Windows Vista operating system..."

--Dennis Fisher, August 7th, 2008



Peter Kraus and David Gerard drew attention to the following interview with an author of adaware a few days ago. It explains in simple terms why Windows is inherently lacking in terms of security as it accommodates intrusion, despite all the denialist spinning [1, 2, 3]. Here is just a portion of this interview:

Eventually, instead of writing individual executables every time a worm came out, I would just write some Scheme code, put that up on the server, and then immediately all sorts of things would go dark. It amounted to a distributed code war on a 4-10 million-node network.

S: In your professional opinion, how can people avoid adware?

M: Um, run UNIX.

S: [ laughs]

M: We did actually get the ad client working under Wine on Linux.

S: That seems like a bit of a stretch!

M: That was a pretty limited market, I’d say.



Patching



Earlier in the week we found reports of new holes in Windows.

As previously announced, Microsoft has released a security update for Windows to close a total of three holes in the SMB protocol implementation. All three holes are based on buffer overflows. Two of them can apparently be exploited to inject and execute code remotely, without previous authentication. The third buffer overflow reportedly only causes the computer to reboot.


This is a lot more serious than Microsoft wants people to realise.

Microsoft Patch Tuesday bug is scary



THE FIRST Patch Tuesday fix of 2009 put out by Microsoft addresses a dangerous security vulnerability in its Server Message Block (SMB) protocol, or so say some insecurity experts


Botnets



"It is no exaggeration to say that the national security is also implicated by the efforts of hackers to break into computing networks. Computers, including many running Windows operating systems, are used throughout the United States Department of Defense and by the armed forces of the United States in Afghanistan and elsewhere."

--Jim Allchin, Microsoft



The pace of infection is very high and one worm alone is claimed to have seized millions of Windows-run computers in just one day.

The computer worm that exploits a months-old Windows bug has infected more than a million PCs in the past 24 hours, a security company said today.


One worm alone is spreading like wildfire.

Report: 2.5 million PCs infected with Conficker worm



According to F-Secure, there are already almost 2.5 million PCs infected with the Conficker worm, also known as Downadup. Since the worm has the ability to download new versions of itself, it is expected that the infection could spread much further. The new code is downloaded from domain names generated with a complex algorithm, making it hard to predict what domains will be used to spread the worms updates.


About 300 million PCs are still primed to become zombies too because of this one flaw.

With nearly a third of all Windows systems still vulnerable, it's no surprise that the "Downadup" worm has been able to score such a success, Kandek said. "These slow [corporate] patch cycles are simply not acceptable," he said. "They lead directly to these high infection rates."


In general, it is estimated that 98% of Windows PCs are ripe for hijacking [1, 2].

Attacks



Is there room for some humour in all this?

Here's a new way to get Microsoft to pay attention to you: Slip a brief message into the malicious Trojan horse program you just wrote.

That's what an unnamed Russian hacker did recently with a variation of Win32/Zlob, a Trojan program victims are being tricked into installing on their computers.

The message is surprisingly cordial, given that Microsoft's security researchers spend their days trying to put people like Zlob's author out of business. "Just want to say 'Hello' from Russia. You are really good guys. It was a surprise for me that Microsoft can respond on threats so fast," the hacker wrote, adding, "Happy New Year, guys, and good luck!"


E-mail



Many people remember Windows for submarines -- a fiasco that reportedly led to the departure of many angry engineers. Well, not more than a month passes by and the Royal Navy, which runs Windows, gets stung by a virus infection that causes harm. Interestingly enough, the report from The Register mentions only lost E-mail as the severe consequence, but surely there is considerably more.

The Ministry of Defence confirmed today that it has suffered virus infections which have shut down "a small number" of MoD systems, most notably including admin networks aboard Royal Navy warships.

The Navy computers infected are the NavyStar (N*) system, based on a server cabinet and cable-networked PCs on each warship and used for purposes such as storekeeping, email and similar support functions. N* ship nets connect to wider networks by shore connection when vessels are in harbour and using satcomms when at sea.


It is no surprise that the United States military gradually moves to Red Hat Linux. Crucial operations were getting stung by Windows, even in the recent past.

Along with a rise of botnets, whose masters exploit vulnerabilities in Windows, comes a lot more SPAM as well. SPAM affects everyone.

The demise late last year of four of the world's biggest spam botnets was good news for anyone with an email inbox, as spam levels were cut in half - almost overnight. But the vacuum has created opportunities for a new breed of bots, some of which could be much tougher to bring down, several security experts are warning.


This short report is based on just a few days. Nothing has improved -- security-wise -- in Microsoft's product line.

"Usually Microsoft doesn't develop products, we buy products. It's not a bad product, but bits and pieces are missing."

--Arno Edelmann, Microsoft's European business security product manager

Comments

Recent Techrights' Posts

Dispelling the Notion That Microsoft is Political Left
Microsoft not only got bailed out (several times) by Donald Trump but also approached him to take over TikTok without paying for it
Slow But Ongoing Mass Layoffs at EPO, Estimates That Nearly Half of the FOs Will be Made Redundant Soon
When you cease to care about validity and quality of patents you're granting why bother with humans at all?
[Video] Richard Stallman's New Talk in Germany Covers What Free Software Means, Why LLMs are "Bullshit", and Lots More (Web3 Summit 2024 Berlin)
Closing Keynote Day 3 - Dr. Richard Stallman - Web3 Summit 2024 Berlin
The Peril of the Electronic Frontier Foundation (EFF) Illuminates the Dangers of Founders Leaving or Being Forced Out
Whatever you may think they stand for, you risk being fixated on what they originally were and perhaps what their Web sites still say
Difficult Times at Soylent News
We hope that Soylent News will recover from this
Crimes of the EPO Are Costing Everybody in Europe
Since virtually everyone in Europe is a user of software (almost nobody is a forest dweller like in countries near the equator), this impacts everybody
 
Certificate Authority Let's Encrypt Has Fallen From 12% in Geminispace to Just 1.2% in Two Years (Capsules Usually Self-Sign Their Certificates)
Don't ask the imposters about security
The "IT Industry" is Full of Imposters (It's a Growing Crisis)
They often manage the companies
Richard Stallman Explains Stochastic Parrots (LLMs)
From his latest talk
The Toys of Today's Kids and Coordination Woes, Not to Mention a Lack of Social Skills
Too much time indoors, too much screen time
Linus Torvalds, the Son of a Politician, Tries to Stay Out of Politics (or Political Topics)
"I'm just a geek" has its limits in practice
Richard Stallman Still Deals With Politics
Stallman's gonna Stallman
GAFAM Not Invincible
The US has an election very soon and Microsoft is already bribing candidates for deregulation and favours, based on press reports
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, September 10, 2024
IRC logs for Tuesday, September 10, 2024
The Greatest Show on Earth (Buzzwords Circus)
What next? Being denied medical service because you don't have a Facebook account?
Gemini Links 11/09/2024: Happiness, Improvised Nebuliser, and olden Age of Palm OS
Links for the day
Julian Assange's Father Turns 80 and They Show Themselves in Melbourne
Will he be active in Wikileaks soon?
[Teaser] EPO Tightening Its Belt
who didn't see this coming?
Are Lawsuits Over EPO Corruption Next?
Why does the mainstream media not cover it?
Europe's Second Largest Institution, the EPO, Exploits Lack of Oversight to Commit Crimes Every Day
Immunity begets impunity, which in turn begets crime
Transcript of Latest Public Talk by Dr. Richard M. Stallman (RMS), Delivered Last Month at Web3 Summit 2024 Berlin
quick-and-dirty transcription
Links 10/09/2024: Big Brother Awards Germany 2024 and Telling the Unemployed to 'Drive Uber'
Links for the day
Gemini Links 10/09/2024: DUIs and Useless Analytics
Links for the day
New Article in redhat.com: How to Install Microsoft Windows
That's just about as bad as that sounds...
OSI's Blog is Still 100% Microsoft-Sponsored Attacks on Free/Open Source Software
OSI is a compromised, defunct body. It exists to serve the enemies of its original mission.
A Decade Ago Things Became So Bad at the European Patent Office (EPO) That Staff Jumped Out the Window During Working Hours
Colleagues saw the suicide; the EPO's response wasn't to tackle the causes but to bolt down the windows (like factories in China installing controversial 'suicide nets')
Red Hat is Suing to Protect From Patent Trolls
Why doesn't Red Hat (IBM) also lobby to eliminate all software patents once and for all?
COVID-19 Ushered in Attacks on Human Rights and Things They Said They Had Introduced Temporarily Are Still in Effect/Operation Today
COVID-19 changed a lot of things
Quitting Academia When Its IT Systems Are Dominated by Clowns Who Outsource
It seems like a common trajectory
Why the Free Software Foundation (FSF) Owning or Renting Office Space Mattered
"In the long term, the FSF needs to own its future office space, but then the deadly risk is that the property ownership becomes the end goal rather than software freedom."
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, September 09, 2024
IRC logs for Monday, September 09, 2024
Free Software Foundation (FSF) Probably Has No Choice But to Shut Down Its Office
Net Income -$686,366
Nearly Two Years After Quitting My Job
My colleagues and I were bullied by managers (grievance complaint got filed) who didn't even know what "Linux" was
Terms of Service (TOS) Under Scrutiny - Part XVIII - In Conclusion
Many activities can be done offline without having to sign anything
Modern spyware and the problems of "Discord newspeak"
The history of modern instant messaging...
Links 09/09/2024: More Trash Balloons and Collapse of Real Estate Market in China
Links for the day
Gemini Links 09/09/2024: ROOPHLOCH and More
Links for the day
Wrong Priorities at IBM
Lavish spendings on a 16-year contract for the most expensive place while firing tens of thousands of staff
Links 09/09/2024: LLMs Manipulated to Lie, More Corruption Found in COVID-19 Contracts
Links for the day
The Best Interface is Outdoors, It's Nature!
Not everything should be replaced by or emulated by digital devices
Terms of Service (TOS) Under Scrutiny - Part XVII - A Personal Perspective
The bottom line is, it's possible to reduce (albeit not entirely eliminate) how many things one signs, presses "OK" on and so on
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, September 08, 2024
IRC logs for Sunday, September 08, 2024
Always Taking Things Up a Notch
Nothing will stop us
[Meme] EPO Keeps Masking Its Corruption With "Diversity and Inclusion" (Hiring the Wife of a Friend of Someone Who Bribed His Way Into EPO Presidency)
chain of nepotism
Very Large EPO Applicants Now Threaten a Boycott of the EPO (the EPO Management is Trying to Bribe Them to Change Their Plans/Minds While Hiding It From Staff)
If corruption prevails to this extent, it will have severe international effect
Gemini Links 09/09/2024: Gemini Application Developer Guide and ROOPHLOCH 2024
Links for the day
Links 09/09/2024: 'Dieselgate' Criminal Trial Starts Late, Mass Layoffs at Volkswagen
Links for the da