Linux security is a 'myth', claims Microsoft
Page 1 of 1
razor1394
VIP Member



Posts: 3571
Location: Sweden
PostPosted: Mon, 31st Jan 2005 15:25    Post subject: Linux security is a 'myth', claims Microsoft
Looks like the guy got a pistol pointed at his head by Steve Ballmer or another high ranked MS employee. It's even worse than that server cost measure.

Quote:

A senior Microsoft executive, speaking exclusively to vnunet.com, has dismissed Linux's reputation as a secure platform as a "myth", claiming that the open source development process creates fundamental security problems.

Nick McGrath, head of platform strategy for Microsoft in the UK, said that the myths surrounding the open source operating system are rapidly being exploded, and that customers are dismissing Linux as too immature to cope with mission-critical computing.


Source -> http://www.vnunet.com/news/1160853
Back to top
jtribe




Posts: 5
Location: UK
PostPosted: Mon, 31st Jan 2005 20:22    Post subject:
Na its true but who wants to piss about with free ware when you can annoy Microsoft Wink
Back to top
razor1394
VIP Member



Posts: 3571
Location: Sweden
PostPosted: Tue, 1st Feb 2005 10:23    Post subject:
Maybe because there is nothing to piss about? The article is bullshit.

Quote:

Who is accountable for the security of the Linux kernel? Does Red Hat, for example, take responsibility? It cannot, as it does not produce the Linux kernel. It produces one distribution of Linux.


The answer is yes! If there is a kernel flaw, RedHat can patch it. SUSE/Novell can patch it. Linus and the kernel team can patch it. IBM or any other developer can patch it.

Quote:

There a myth in the market that there are hundreds of thousands of people writing code for the Linux kernel. This is not the case; the number is hundreds, not thousands, he said.


That is a deliberate attempt to make it look like Linux has very few developers. The fact is that the kernel team may be moderately-sized, but I will wager the Microsoft team that actually works on their kernel is also moderate in size. Bugs appear everywere, not just the kernel. So, when you count the developers across the whole platform, you indeed have a large and significant set of programmers and developers working on improvements and fixes.
Back to top
[sYn]
[Moderator] Elitist



Posts: 8374

PostPosted: Tue, 1st Feb 2005 10:37    Post subject:
Quote:
Quote:

There a myth in the market that there are hundreds of thousands of people writing code for the Linux kernel. This is not the case; the number is hundreds, not thousands, he said.


That is a deliberate attempt to make it look like Linux has very few developers. The fact is that the kernel team may be moderately-sized, but I will wager the Microsoft team that actually works on their kernel is also moderate in size. Bugs appear everywere, not just the kernel. So, when you count the developers across the whole platform, you indeed have a large and significant set of programmers and developers working on improvements and fixes.


I have to agree, the article is utter rubish. I'm willing to bet the engineer's in control of kernel development for linux are far better at what they do than the M$ counter parts.
Back to top
Basil-Brush




Posts: 354

PostPosted: Tue, 1st Feb 2005 11:59    Post subject:
Anyone who has installed Linux and played around with it for a few minutes will appreciate its security benefits.
Linux has strict user permissions, I cannot help but think that the user accounts of the home versions of windows are an added on feature.

What do Miscosoft have to gain from making statements like this.
Back to top
toeffy
VIP Member



Posts: 1501

PostPosted: Tue, 1st Feb 2005 12:07    Post subject:
Basil-Brush wrote:
What do Miscosoft have to gain from making statements like this.


more money.


jesus christ was a gangsta rapper. they killed him. he came back and made a platinum album.
Back to top
Basil-Brush




Posts: 354

PostPosted: Tue, 1st Feb 2005 22:22    Post subject:
Yeah I suppose there's still millions of computer users who accept this.
Back to top
fisk




Posts: 9145
Location: Von Oben
PostPosted: Tue, 1st Feb 2005 22:40    Post subject:
Windows and security:

ANY user on the system can format any harddrive or delete important system files. Remote access to windows (through tons of back doors) compared to linux is easy, Windows is about as secure as any random car in a parkinglot. Yeah, it sure looks secure, but anyone with a moment of training can be driving off in it in a matter of time.

Linux and security:

ANY user on the system has access to delete his own files, well-managed systems don't even let you go anywhere outside your home-directory, and hacking into the system (as in the movies) nowadays is a skill of the very few. The overall customizeability of Linux kicks Windows ass in most departments, EXCEPT Commercial software (You know, indesign, photoshop, games, and all that) which makes Windows the #1 choice for the average consumer.


Yes, yes I'm back.
Somewhat.
Back to top
whoKnows
VIP Member



Posts: 2972

PostPosted: Tue, 1st Feb 2005 23:09    Post subject:
Windows and Security:

If you have a well administrated Win 2003 Server setup as a DC with ADS you have a secure system. No average user can format hard drives or delete important system files.

Linux and security:
It is just like with windows, you need to update and patch your servers regulary or they do get hacked in no time, linux or windows!
Back to top
looper23




Posts: 7

PostPosted: Fri, 18th Mar 2005 22:22    Post subject:
Linux is just as venerable as Windows and vice versa! There is and always will be ways and means to "hack" an OS's no matter what. Linux is developed by programmers with "open code" which can be examined by their peers for good coding practice etc..., this make Linux programmers better since they can easily come under critisism from their peers, therefore they feel more pressure to write good code. Whereas M$ programmers operate with"closed code", with only a "small" circle to examine it. Thats why Linux programmers and their products will always be better.
Back to top
startx




Posts: 109

PostPosted: Mon, 28th Mar 2005 17:44    Post subject:
and one day.... I will make a computer OS more secure than the universe it self... Smile heheheheheheheh LOL!!!!!!!!!!! joke joke joke.... Smile oh my...

Even Graphic Driver have flaws... everything in this World, has flaws... We are cannot make perfect things... we are imperfect as a human being, what else is to say, you, he she is perfect? duh! in the end... When the Time of Tribulation and rapture comes... God is the perfect One... Smile
Back to top
razor1394
VIP Member



Posts: 3571
Location: Sweden
PostPosted: Mon, 28th Mar 2005 17:47    Post subject:
Off course there is nothing made with 100% perfection. But in this case the alternative is closing in and passing It's competitors.
Back to top
m2rock




Posts: 1357

PostPosted: Mon, 28th Mar 2005 18:23    Post subject:
RH9 with out updates is more secure than Windows XP with the SP1 pack.
Back to top
razor1394
VIP Member



Posts: 3571
Location: Sweden
PostPosted: Tue, 29th Mar 2005 07:30    Post subject:
Windows XP SP1 is a joke when you connect it to the internet. And if you're unlucky SP2 messes up the whole comp.
Back to top
b5




Posts: 25

PostPosted: Tue, 29th Mar 2005 08:11    Post subject:
Quote:

Who is accountable for the security of the Linux kernel? Does Red Hat, for example, take responsibility? It cannot, as it does not produce the Linux kernel. It produces one distribution of Linux.


What a load of bullshit, since when is microsoft accountable for kernel faults? NEVER, they even make you agree never to bother them if their software destroys your computer, god bless the EULA.

So sure, no accountability in linux, agreed. But the same is true for windows.
Back to top
razor1394
VIP Member



Posts: 3571
Location: Sweden
PostPosted: Tue, 29th Mar 2005 08:24    Post subject:
Damn, I can't get the Why I hate Microsoft article out of my head. It's so damn good and well detailed and It's all true. Not any lousy lies like M$ are printing. Here are some nice quotes:

Quote:

Microsoft has such a nice slogan. "Where do you want to go today?" But in truth Microsoft couldn't care less where you want to go. All they care about is inflating their revenue at your expense. They'll tell you where to go. And you will go along with it. You can go easy or you can go hard...
A good example is the enormous market share that has been conquered by Outlook and Internet Explorer. Well, of course these products are the most widely used in the world! It's practically impossible to buy a PC without Windows these days, and Windows comes with Outlook and IE. Setting up Windows for its initial use involves the procedure for entering account data in Outlook and the use of IE as the system's default browser. Switching from these defaults to alternative products involves a consious effort on the part of the user, removing Outlook and IE is practically impossible.
But coercing the user to stick with Microsoft-supplied Internet applications is only a start.


Quote:

Although an apology to Tolkien is probably in order here, the similarities between the Rings of Power and the various Microsoft products are in fact striking. They will subtly try to take control of you, and every time you give in to the temptation to use one, the Dark Lord's power increases.
And in this respect Microsoft's control over document formats and standards for data exchange are most certainly the One Ring of Power.


Quote:

Let's be honest: there's no such thing as bug-free software. Initial versions of programs may occasionally crash, fail to de-allocate memory, or encounter untested conditions. Developers may overlook security holes, users may do things nobody thought of, and not all systems are identical. Software developers are human, and they make mistakes now and then. It happens. But of all major software vendors Microsoft has the worst record by far when it comes to the quality of their products in general.

Microsoft boasts a rather extensive product range, but in fact there's less here than meets the eye. Microsoft has forever been selling essentially the same software over and over again, in a variety of colorful new wrappers.


Windows' most serious design flaws wrote:

* Limited memory protection and memory management. This problem exists primarily in versions prior to Windows 2000. When an application contains bugs or otherwise runs wild, it may write to memory locations outside its own memory space, thereby crashing the entire system. Attempts to allocate more memory than is available often generates an exception, causing the application to crash instead of allowing it to recover gracefully. Similarly, out-of-boundary reads are also possible, which potentially compromises security.
* Insufficient process management. The OS relies heavily upon the application to release allocated resources. If an application hogs resources or fails to release them for some reason, either while running or upon termination, the OS often cannot reclaim those resources. Nor does the OS offer an administrator full control over processes and resources.
* No adequate separation between user-level and kernel-level code. An application may install DLLs or drivers. This introduces essentially uncertified, third-party code to the system, that may run at kernel-level, i.e. completely unprotected. Applications may also introduce modifications into the registry without any protection or verification whatsoever, which may cause other applications or even the OS to crash. This seriously compromises the reliability of the entire system. In fact Windows is the only major operating system in the market that may break whenever a user installs an application (essentially a user-level operation). In Windows 2000 and later a simple driver signature system has finally been implemented, but in practice this is not sufficient to guarantee stability.
* No adequate separation of different kernel-level code types. Drivers, for example, should contain driver code. They should offer the OS an API to interface with the underlying hardware. In Windows however a video driver may also contain virtual desktop code and other nonsense. Not only does the presence of user interface code in a hardware driver illustrate the messy nature of the Windows code's organisation, but it also leads to ridiculous issues such as system tray icons disappearing due to a bug in the video card's driver. (Nvidia comes to mind.) In a well-structured OS this would never happen.
* Lack of meaningful error messages. Whenever an error message is displayed, it rarely tells you exactly what the problem is. Nor does it give you enough details (e.g. an error or condition number) that would enable a support technician to trace the cause of a problem.
* No maintenance mode. When one or more of the 10,000+ files that make up the OS become corrupted, there is no maintenance mode that allows you to bring up the OS in a controlled state, doing repairs along the way. 'Safe mode' merely swaps configurations but offers little additional control. The OS either runs or crashes. The Windows 2000/XP Repair Console (an external utility on the Windows CD that may be run from the setup routine) does not allow you to run the OS in a maintenance mode, it merely allows you to access the file system of a broken Windows installation. Even finding out which files have been corrupted is often impossible.
* No code sharing. Only DLL code can be shared, which makes up only a tiny fraction of the entire OS and application code.
* No version control whatsoever on DLL code. The OS cannot distinguish one DLL from another one with the same name, even though they may contain entirely different code. Installers can, but generally don't bother with it (beyond warning the user that version x is about to be replaced with version y). The OS however will happily load whatever code is present in the DLL file it happens to find first.
* A very rudimentary and weak security model. Microsoft products have the worst security rating (and track record) in the industry. Their developers seem to have been completely unaware of even basic security issues.
* Rudimentary multi-user support. Being the offspring of a stand-alone, single-user desktop OS, Windows can only be implemented in a LAN (or any other environment where users share computing facilities) by means of cumbersome workarounds and kludges. Multi-user applications (e.g. Citrix, Windows Terminal Server) is even more problematic.
* OS code, application code and user data cannot be maintained separately from the OS and from each other. The OS is even designed to prevent this. Applications need to be "installed" i.e. integrated into the OS, a procedure that adds to or even overwrites part the OS fileset, may overwrite other application files or (registry) settings, and usually requires an OS reboot. The installation of one application may break another application.
* Windows does not follow global protocol standards correctly. It even deliberately ignores them in favor of proprietary implementations.
* Windows' API is only partially documented. Much of the operating system and the API remain essentially a black box to third-party developers. This causes problems during application development that often cannot be traced. Developers are forced to use workarounds, and may even be tempted to circumvent or ignore the API altogether. This, and the fact that nobody outside Microsoft really knows what goes on in the underlying code, leads to application software that won't run correctly (if at all) on updated or new versions of Windows.
* Windows' code is a collection of bad programming practices. It contains a huge amount of sloppy code and kludgey design, which results in an extremely glitchy and buggy end product. (A good example of sloppy programming is buffer access, which is routinely left unchecked in release versions of all Microsoft products. As a result of this amateur approach, Microsoft products are riddled with buffer overrun vulnerabilities. Of course buffer overruns don't only occur in Microsoft products but are also found in other software on other platforms. But the difference is in the numbers.) Bloated code has made Windows' efficiency the lowest in the market, requiring more resources and yielding less performance than any other OS in existence.


Why I hate Microsoft

Microsoft? No thanks... Pls just die.
Back to top
Page 1 of 1 All times are GMT + 1 Hour
NFOHump.com Forum Index - Operating Systems
Signature/Avatar nuking: none (can be changed in your profile)  


Display posts from previous:   

Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB 2.0.8 © 2001, 2002 phpBB Group