Bonum Certa Men Certa

UNIX/Linux Offer More Security Than Windows: Evidence

"Two security researchers have developed a new technique that essentially bypasses all of the memory protection safeguards in the Windows Vista operating system..."

--Dennis Fisher, August 7th, 2008



Peter Kraus and David Gerard drew attention to the following interview with an author of adaware a few days ago. It explains in simple terms why Windows is inherently lacking in terms of security as it accommodates intrusion, despite all the denialist spinning [1, 2, 3]. Here is just a portion of this interview:

Eventually, instead of writing individual executables every time a worm came out, I would just write some Scheme code, put that up on the server, and then immediately all sorts of things would go dark. It amounted to a distributed code war on a 4-10 million-node network.

S: In your professional opinion, how can people avoid adware?

M: Um, run UNIX.

S: [ laughs]

M: We did actually get the ad client working under Wine on Linux.

S: That seems like a bit of a stretch!

M: That was a pretty limited market, I’d say.



Patching



Earlier in the week we found reports of new holes in Windows.

As previously announced, Microsoft has released a security update for Windows to close a total of three holes in the SMB protocol implementation. All three holes are based on buffer overflows. Two of them can apparently be exploited to inject and execute code remotely, without previous authentication. The third buffer overflow reportedly only causes the computer to reboot.


This is a lot more serious than Microsoft wants people to realise.

Microsoft Patch Tuesday bug is scary



THE FIRST Patch Tuesday fix of 2009 put out by Microsoft addresses a dangerous security vulnerability in its Server Message Block (SMB) protocol, or so say some insecurity experts


Botnets



"It is no exaggeration to say that the national security is also implicated by the efforts of hackers to break into computing networks. Computers, including many running Windows operating systems, are used throughout the United States Department of Defense and by the armed forces of the United States in Afghanistan and elsewhere."

--Jim Allchin, Microsoft



The pace of infection is very high and one worm alone is claimed to have seized millions of Windows-run computers in just one day.

The computer worm that exploits a months-old Windows bug has infected more than a million PCs in the past 24 hours, a security company said today.


One worm alone is spreading like wildfire.

Report: 2.5 million PCs infected with Conficker worm



According to F-Secure, there are already almost 2.5 million PCs infected with the Conficker worm, also known as Downadup. Since the worm has the ability to download new versions of itself, it is expected that the infection could spread much further. The new code is downloaded from domain names generated with a complex algorithm, making it hard to predict what domains will be used to spread the worms updates.


About 300 million PCs are still primed to become zombies too because of this one flaw.

With nearly a third of all Windows systems still vulnerable, it's no surprise that the "Downadup" worm has been able to score such a success, Kandek said. "These slow [corporate] patch cycles are simply not acceptable," he said. "They lead directly to these high infection rates."


In general, it is estimated that 98% of Windows PCs are ripe for hijacking [1, 2].

Attacks



Is there room for some humour in all this?

Here's a new way to get Microsoft to pay attention to you: Slip a brief message into the malicious Trojan horse program you just wrote.

That's what an unnamed Russian hacker did recently with a variation of Win32/Zlob, a Trojan program victims are being tricked into installing on their computers.

The message is surprisingly cordial, given that Microsoft's security researchers spend their days trying to put people like Zlob's author out of business. "Just want to say 'Hello' from Russia. You are really good guys. It was a surprise for me that Microsoft can respond on threats so fast," the hacker wrote, adding, "Happy New Year, guys, and good luck!"


E-mail



Many people remember Windows for submarines -- a fiasco that reportedly led to the departure of many angry engineers. Well, not more than a month passes by and the Royal Navy, which runs Windows, gets stung by a virus infection that causes harm. Interestingly enough, the report from The Register mentions only lost E-mail as the severe consequence, but surely there is considerably more.

The Ministry of Defence confirmed today that it has suffered virus infections which have shut down "a small number" of MoD systems, most notably including admin networks aboard Royal Navy warships.

The Navy computers infected are the NavyStar (N*) system, based on a server cabinet and cable-networked PCs on each warship and used for purposes such as storekeeping, email and similar support functions. N* ship nets connect to wider networks by shore connection when vessels are in harbour and using satcomms when at sea.


It is no surprise that the United States military gradually moves to Red Hat Linux. Crucial operations were getting stung by Windows, even in the recent past.

Along with a rise of botnets, whose masters exploit vulnerabilities in Windows, comes a lot more SPAM as well. SPAM affects everyone.

The demise late last year of four of the world's biggest spam botnets was good news for anyone with an email inbox, as spam levels were cut in half - almost overnight. But the vacuum has created opportunities for a new breed of bots, some of which could be much tougher to bring down, several security experts are warning.


This short report is based on just a few days. Nothing has improved -- security-wise -- in Microsoft's product line.

"Usually Microsoft doesn't develop products, we buy products. It's not a bad product, but bits and pieces are missing."

--Arno Edelmann, Microsoft's European business security product manager

Comments

Recent Techrights' Posts

Linux Journal Might Have Become the Latest Slopfarm Targeting "Linux", the Trends Are Concerning for Dying News Sites
They tarnish the Web with junk and then die
On "Learning to Code"
quality may suffer, plus things get bloated
Quick Points Regarding This Week's Court Hearing
it paves the way for us to squash all the SLAPPs from Microsofters
Common Mistake: Believing Social Control Media Will Document Your Writings/Thoughts and Search Engines Like Google Will Help You Find These
Many news sites wrongly assumed that posting directly to Twitter would be acceptable
The Manchester Bees and This Hot Summer
We have had a fantastic week so far this week
Gemini Protocol Enters Its Seventh Year, Growth Has Accelerated!
Maybe in June 20 2026 there will be over 3,500 active capsules?
Mastodon and the Fediverse Have an Issue: Liability for Content (Even in Other Instances) and Costs
self-hosting is the only logical path forward
Why Microsoft and Its 'Hey Hi' (Slop) Frenzy Fail While Sinking in Deep, Growing Debt
Right now, like Twitter around the time it was sold to MElon, "open" "hey hi" is a big pile of debt with a lot to pay for that debt (interest payments)
Europe is Leaving Microsoft, the Press Coverage Isn't Sufficiently Helpful
The news is generally positive, but the press coverage leaves so much to be desired
Slopwatch: Linuxsecurity, BetaNews, and Linux Journal
slippery slope
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, June 19, 2025
IRC logs for Thursday, June 19, 2025
Gemini Links 20/06/2025: Gemini Protocol Turns 6!
Links for the day
Links 19/06/2025: Ghostwriting Scam and Fentanylware (TikTok) Buying Time
Links for the day
Microsoft's Windows is a Niche Operating System in Africa
African nations aren't a large contributor to Microsoft's income, but if many African nations move away from Windows, then the monopoly is at risk
Gemini Links 19/06/2025: Unix Primitivism, Zine Club, and Gemini Protocol Turns 6 at Midnight
Links for the day
Links 19/06/2025: WhatsApp Identified as Assassination 'Crosshairs', Patreon Now Rips Off People Even More
Links for the day
"Told You So": Another Very Large Wave of Microsoft Layoffs Now Confirmed in Mainstream Media
So we were right to believe the rumours, based on the credibility of prior such rumours
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, June 18, 2025
IRC logs for Wednesday, June 18, 2025
Gemini Links 18/06/2025: Magit and Farming
Links for the day
Slopwatch: BetaNews is Now a Slopfarm (Like Linuxsecurity) and Google News is Overwhelmed by Slopfarms
The Web is bad
Links 18/06/2025: SCOTUS Decision on Fentanylware (TikTok) Still Ignored, 4.5-Day Work Weeks
Links for the day
Links 17/06/2025: Windows TCO and G7 Rifts
Links for the day
The Right to Know and the Freedom to Report on Crime (at the Higher Echelons)
I'd like to do the same thing for the next 20 years
BetaNews Appears to Have Fired All Of Its Staff
Even serial sloppers
After the Web Becomes Slopped to Death
A lot of people are rightly fed up with the "modern" Web
Gemini Protocol Turns 6 on Friday
Active (online) Gemini capsules are estimated by Lupa at over 3,000
Like Most Social Control Media, Microsoft LinkedIn is Collapsing
One reason for Microsoft acquisitions is debt-loading, i.e. offloading and burying its debt
Microsoft is Losing Its Richest Clients
Unlike some very poor countries, Germany and the EU are a considerable source of income to Microsoft
Proprietary Means Not Secure
Proprietary software tends to rely on secrecy, not good design
Slop in 'AI' Clothing is a Passing Fad, We'll Get Past It (Like Blockchain Before That)
Many people cheat in exams using slop and there are professionals that try using slop as a "shortcut"
GNOME Does Not Campaign Against Microsoft, KDE Does
It's good to see that KDE is still active in promotion of Free software - a term that it uses
Slopwatch: BetaNews, Linuxsecurity, and Other Prolific Slopfarms
name and shame the sites that establish such proliferation of slop
Gemini Links 18/06/2025: Birch Lake and Loon Pond
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, June 17, 2025
IRC logs for Tuesday, June 17, 2025