[LINK] Re: Windows XP versus Vista

David Goldstein wavey_one at yahoo.com
Fri Jan 25 14:43:02 AEDT 2008


How much is the security problem with Microsoft products to do with if you attack Windows-based computers you can potentially reach well over 90% of the world's computers and how much is to do with the design of the software?

Whatever its validity there are stories circulating more and more of hackers hacking into Mac computers, precisely because there are more of them now and it's becoming worthwhile for hackers to delve into this area.

David

----- Original Message ----
From: Rick Welykochy <rick at praxis.com.au>
To: stephen at melbpc.org.au
Cc: link at anu.edu.au
Sent: Friday, 25 January, 2008 4:58:43 AM
Subject: Re: [LINK] Re:  Windows XP versus Vista

stephen at melbpc.org.au wrote:

> Come on Microsoft, give XP to the world. You've finished with it, you
> don't want it, you're going virtual  ...

I've got one word to say to you, Stephen: Zombies. Well, several words:
bot wars (on Windows), bot armies, DDoS attacks, SPAM and PRON
distribution, identity theft, sophisticated phishing. These are all
possible courtesy of one single IT company: Microsoft. The current
dismal security situation on the Net is mainly due to the "ease of use"
promoted by Microsoft.

WinXP is a very bad move if WinXP is no longer supported with security
updates. New exploits are found in Windows all the time. And this
will not end tomorrow.

The only safe Windows box is disconnected from the Internet.

In safely configured server installations, Linux/Unix lives out there
on the periphery (sometimes even being the periphery), and Windows
servers are located way inside the secure zones, completely isolated
and firewalled from the Internet. As many services as possible are
proxied before being sent on to Windows. You know the drill: email
cascades through Linux-run services before being handed over to
Exchange. Apache on Linux reverse proxies traffic or redirects to
internal IIS services. Etc. etc.

On the client side, you have a snowflake's chance in hell of directly
connecting a WinXP box to the Internet, getting the security updates
downloaded and installed, and rebooting before your box is compromised.
This has been discussed time and time again on the list. It takes
advanced technical skill to get a Winders box set up and on the Net
without it being compromised in minutes.

Giving WinXP to millions of unskilled users will only make the current
problems on the Internet worse. Add third world conditions to the mix,
and you've got an ever-escalating threat. In Australia we have access
to and can afford the myriad extra resources required to secure
client-side Windows, even if most consumers don't bother to use them.
In the third world, these resources are scarce, cost money and I doubt
will be used at all.

Getting back to zombies (i.e. the compromised box sitting in your
loungeroom), we all know they can be used for distributing SPAM and
PRON. But they can also be used to tunnel and hide traffic usage
patterns (think of a Tor-style bot net). This presents a rather serious
security threat. It makes the task of tracking terrorist communications
that much harder, if not impossible. It stymies law enforcement
tracking down and stamping out kiddie pron. In general, zombies present
a new security threat that has not even begun to be dealt with.


> Virtualization
> Microsoft Pushes Virtualization
> Wendy Tanaka, 01.22.08, 12:01 AM ET
> <http://www.forbes.com/technology/enterprisetech/2008/01/20/microsoft-vmware-calista-tech-cx_wt_0121microsoft.html>
>
> "Watch out, VMware. We're coming after your space!" is the underlying
> message of Microsoft's new strategy for virtualization--software
> services that help businesses reduce costs and improve business
> processes.
>
> Microsoft on Monday planned to announce what it calls a companywide
> strategy to accelerate broad adoption of virtualization by its
> customers.
>
> As part of its new approach, the Redmond, Wash.-based software giant
> unveiled a suite of services aimed at reducing the number of servers
> businesses need to use, separating applications from operating
> systems, reducing costs, and--thanks to trimmed energy use--lowering
> carbon emissions.

This *might* be welcomed on the server side. With current offerings, a
medium-size Windows-based enterprise must deploy one box for SQL
database, another for email services, yet another for file sharing and
printing, ... you get the picture. Windows has serious scalability
issues that are addressed by installing more and more hardware.

Compare this to Linux. On the one box, all these services are installed
and deployed, and the box usually sits there at 50% idle.

I know I am generalising, but this is a common pattern when comparing
a Windows server installation to a Linux one.

But get this: if Windows right now requires one to distribute various
daemons (services) on different physical boxes due to scalability
issues, that problem does not vanish when one moves to virtualisation.
Smoke and mirrors and *extra grunt* will make it appear that there is a
gain, but at the cost of replacing, say, ten individual boxes with one
with ten times the grunt, hardware, memory and expense. There may be
some savings through a refactoring effect in the shared hardware. I
don't know if this has been quantified.

Of course, once again, Microsoft is not an innovator in the area of
virtualisation. As mentioned in the article, they'll be acquiring,
embracing and extinguishing to accomplish their goal. Don't believe the
hype. This is yet again Not A Good Thing. It is yet another attempt by
Microsoft to clear-fell another sector of the IT market.


cheers
rickw


-- 
_________________________________
Rick Welykochy || Praxis Services

Your food stamps will be stopped effective March 1992 because we
received notice that you passed away. May God bless you. You may
reapply if there is a change in your circumstances.
      -- Department of Social Services, Greenville, South Carolina
_______________________________________________
Link mailing list
Link at mailman.anu.edu.au
http://mailman.anu.edu.au/mailman/listinfo/link




