Multiple unpatched Windows holes crop up; Windows systems compromised within minutes in experiment

A recent ‘honeynet’ experiment showed that “unpatched Windows systems continue to be compromised more quickly, sometimes within minutes, the Honeynet Project report stated. Debbie Fry Wilson, director of product management for the security response centre at Microsoft, told ZDNet UK sister site CNET News.com that the company’s latest operating system is more secure than the report suggests,” Robert Lemos reports for CNET News.

“‘While it is not clear which version of Windows was used during the study, we feel that a Windows XP SP2 configuration with the Windows firewall enabled is the most resilient client operating system available in the market and can withstand attack much longer,’ Wilson said. ‘We are pleased that the report indicates that two Windows-based honeynets in Brazil withstood attack for several months. However, we are not certain that the report provides conclusive data based on a controlled and scientific study comparing the two operating systems,'” Lemos reports. “Every Windows system compromised during the study had its security breached by a worm.” Full article here.

In related news…

“Antivirus company Symantec warned its customers about a number of critical holes in Microsoft’s Windows operating system, that surfaced late Thursday and that could make Windows systems vulnerable to compromise by remote attackers. The problems do not affect Apple’s Mac OS X operating system,” Paul Roberts reports for Macworld UK.

“Symantec acted after security researchers published the details of the heap overflow vulnerabilities in messages posted to online security news groups Thursday. The flaws affect most supported versions of Windows, but Microsoft has not yet issued a patch for the newly disclosed holes. Windows users are vulnerable to Internet based attacks until patches are issued, Symantec said,” Roberts reports. Full article here.

MacDailyNews Take: For our Windows-only friends, more information about smoothly adding a safe, secure, powerful, and fun Mac OS X machine to your computing arsenal can be found here.


24 Comments

  1. Every time I read MDN’s smug but helpful link to the Apple website for those who use the Windows machines, I can’t help but wonder how many Windows-only users actually come to this site and are the type that would be willing to switch.

  2. What a bummer it would be to get a windoze computer for Christmas:

    http://apnews.excite.com/article/20041225/D876DH602.html

    “Hackers Aim to Sabotage Holiday Computing

    Dec 24, 10:03 PM (ET)

    By RACHEL KONRAD

    SAN JOSE, Calif. (AP) – Hackers, spammers and spies go into overdrive in December and January, when unsuspecting neophytes unwrap new computers, connect to the Internet, and, too often, get hit with viruses, spyware and other nefarious programs.

    “People want to get on the Net right away, just like they want to put together and start using any Christmas present,” said Tony Redmond, chief technology officer of Palo Alto, Calif.-based computer giant Hewlett-Packard Co., whose new PCs ship with 60 days of virus and adware protection. “They should be warned that the Net is a very, very dangerous place.”

    and

    “Some experts wonder whether the computer has become the digital age equivalent of a puppy – an enthralling treasure on Christmas morning, but a sinkhole for time and energy for years after. At very least, computers are far more demanding than the typical holiday toy, which merely requires batteries.

    “At some point, people who receive them for Christmas often ask, ‘Is this computer a gift or a curse?'” Ross said. “

  3. “….and can withstand attack much longer….”

    uhhh … how much longer ??

    “….Every Windows system compromised during the study had its security breached by a worm..”

    uhhh…. until the next “worm du jour” happens along !! … (obviously)

    The thing that irritates me the most…. are the latest commercials for ISPs …. (AO-hell… Net-Zero … Netscape… et al.) … all promising
    the usual,…. spam-blockers, anti spyware… and COMPUTER virus protection…

    Isn’t it time to call a spade… a spade ??

    Whenever you hear someone refer to it as a “computer” virus… politely correct them… and tell them,

    “It’s not just a “computer” virus…. it’s a WinDoze virus… because…the only type of machine these viruses affect… are those which run WinDoze… !!

    Change their thinking on this one topic, and you may get them to begin to …..”Think Differently” ….

  4. “a Windows XP SP2 configuration with the Windows firewall enabled is the most resilient client operating system available in the market”

    bwaaahaaahaaa – that is hysterical! Her statement had to be issued via a PR release because no one could have possibly said that and kept a straight face. Unless by “resilient” she means you can keep installing and reinstalling over and over and over.

  5. You might say, hey, that’s not fair, it’s an “unpatched Windows system!”

    Unwrap a Mac Christmas morning and plug IT in unpatched to the internet (as a LOT of Mac & Windows users will be doing this morning) and see what happens.
    True plug-n-play!

    Merry Christmas guys! (oh, and MacBeth too!)

  6. from article:
    we feel that a Windows XP SP2 configuration with the Windows firewall enabled is the most resilient client operating system available in the market

    What a load of rat turds. Mac OS X is clearly, definably, and demonstrably safer than any Windows system, including Win XP SP2. It may be more difficult for XP2 to get certain internet worms, but it’s still susceptible to loads of viruses, trojan horses, and what about spyware, adware, bloatware and all manner of so called “crapware” along with problems with pop-up windows, etc, etc…

    Sitting untouched in a controlled lab experiment is a far cry from actual use by a human being which can add a variety of additional security concerns.

  7. Even though I hope the above post is kinda a joke, it reminds us of how strong the “security through obscurity” myth truly is and how well Microsoft plays that card to ensure market success.

    Oh well. I have my mac so I am happy.

    (This post brought to you by the word “know,” as in, “know what you’re talking about before you write an article about computer security.”)

  8. notatotalsucker
    Shhhhhhhhhhhhh…. don’t let on about the Mac being secure or everyone will switch and we’ll find worms in our Apples as well.

    I know you’re not serious about this post, but seeing as the Mac has about a 3% US marketshare by sales, I would think it’d need a critical mass of at least 25%-30% installed to make it even remotely attractive to hackers. Even then, it’d have to be similarly easy to compromise, or it would not be worth the trouble. This would mean that hackers that currently are attacking Windows systems would have to relearn a new OS and how to hack into it. Many hackers are just using tools created by other people.

    Bottom line, it would take a lot of miracles for Apple to get to a position where it would even seem to be a useful or attractive target, and even then a lot of other things would have to happen for hackers to go after it. Finally, Apple would have to sit around doing nothing about it (a la Microsoft)…

    Basically the Mac is safe. Now and effectively forever. Certainly all the changes that would have to take place could not reasonably happen in the useful life of your current system. Or likely the next. Those types of changes would take many years.

    The myth about security through obscurity is not so much that the Mac is not more secure because it’s less common, because that is part of the reason the Mac is more secure. The myth is that that is the only reason the Mac is more secure, and not more secure architecture, more safeguards, etc.

  9. Twilightmoon,

    although your post is sound you too are affected by the myth of security via obscurity.

    What you imply is that a certain platform is a juicy target based on the presence on the net. While this might have held some truth in the past, when there were a few million machines in total all over the world, nowadays it has lost all ground for reasonable thinking.

    All OSes out there today are present by the tens of millions of machines. All of them are big enough targets for crackers to be attacked. What makes an OS a valid target is the rate of infection. A cracker does not care at all if for a certain platform there are 1 BILLION machines out there if s/he cannot infect them because it is too hard. A much juicier target would be an OS in tens of millions but highly vulnerable. It is the case with Windows that became the #1 target right away when its presence online was minimal and certainly microscopic compared to once predominant Unix machines.

    Let’s make things easier: say there are 300 Million machines and that there are only two OSs around: Windows and OS X. Now, Windows rates of infection have been over 60% in recent attacks, in some cases even higher. Let’s be generous and say that 50% of machines running Windows can be affected by a newly released worm.

    BSDUnix (OS X inner guts) has shown % of infection of few digits. Let’s be nasty and say that at least 5% OS X machines would be infected by a new released virus.

    Now, let’s assume Windows is present at 90% and OS X at 10% (Windows presence on the net is actually less than 90%. Mind, presence on the net, not quarterly sales %)

    We send a virus. Of the 300 Millions platforms 270 Millions are Windows and 30 OS X. Remember, to a cracker what matters is the final number of infection NOT the initial number of available machines online.

    So, at 50% we have a big 135 Millions infections on Windows and 1.5 Millions of OS X (at 5%). “Well, Do’h Seahawk, you just discovered hot water: See? it is because OS X are so few everyone go against Windows”

    Not so fast lad. Reverse the percentage. Say it is now Windows at 10% of the entire installed base and OS X at 90%. WOW, 270 millions OS X on the net. SURELY now they are the best target for crackers, right?
    WRONG!

    The system retain their vulnerability and – AGAIN – to a cracker the initial available number of machines has little attraction: what matters is how many can be penetrated and cracked. So, here goes the simplistic calculation – but close to reality, as an actual cracker once told me -.

    30 Million Windows machines (10% of total 300 Million overall) at 50% infection gives us 15 Million machines infected by the virus.

    270 Million OS X machines (90% of total 300 Million overall) at 5% infection gives us 13.5 Million machines infected by the virus.

    OHHHH, still Windows the best attractive target. You know, this is well known to crackers, Windows is their best friend whatever the market conditions.

  10. The only thing that big numbers of an OS give is reasons to try but Windows is what makes other OSes safe. It is so much easier to get big numbers from attacking Windows than any other OS. AND, to attack Unix in general, and BSDUnix especially, requires a lot of effort for a minimal result. For as long as there would be a target giving lots of infections for a minimal effort other OSes will never be a better target.

    And if Windows would still be the OS giving most infection even at a small 10% online, I’d say it is a sound bet to forecast that no matter what level of market OS X will conquer in the future it will never be as attractive to make for a shift of target.

    Thanks Windows, the best Firewall on the net.

  11. Twilightmoon: rereading your post, maybe you were not actually implying that, anyway, it was a good excuse to make my posts.

    Happy New Year everyone, especially the Firewall users out there, I mean, Windows users. You believe you’re just using a PC, you’re actually using a virus catcher.

    In addition to be well protected, what best to avoid being robbed than having neighbors leaving money and jewels hung at their Windows and instructions hung on the front door with the safe and alarm code.
    And they keep doing it again and again, robbery after robbery.

  12. Seahawk

    1. Whether the current Windows OS with XP SP2 is secure or not, which I doubt. There is a huge installed base of older Windows systems on the net right now. Even so-called “unpatched” older versions of XP. That’s plenty of fertile ground for viruses, regardless of what MS does to secure Windows in the future.

    2. It’s hard to quantify how much security is bought through obscurity. OS X may have millions of users, but few Mac users are “hackers.” Most of the people who enjoy hacking are PC users, or at least if they own a Mac they also own a PC. Before Mac OS X, the Mac did have a few viruses. There were about 72 or something close to that in the 18 or so years between 1984 and 2001 or 2002 when Mac OS 9 began to fade and be phased out. There are likely more Windows viruses written every single day, now, than the total number of viruses that the Mac has had in its entire history. There were viruses even back before the spread of the Internet. I remember vividly spending time in a computer lab learning to type, on DOS based PCs, and having to scan my floppy for viruses, and still the lab had problems keeping up with the spread of them, computers were shut down, etc.

    3. You mentioned how UNIX once was far more prominent on the net than Windows was. Keep in mind a lot of people keep critical files, and financial information and other personal data on their PCs, and that was never likely the case on UNIX boxes. I would think this would also make Windows a more attractive target than UNIX.

    4. Mac OS X clearly has some solid security features that OS 9 and Windows don’t have. For example having to type in your password to install anything into the system space of your computer. I believe Apple remains on top of security and really cares about this issue. I think Microsoft only cares about it to the effect that it’s getting bruised by bad press and losing money and customers to it. They have a terrible history on the subject and a long track record of proven incompetence and indifference.

    That said, the USER is the ultimate security concern. You can erase your hard drive, you can delete all your files, you can run a script that will do the same. You can likewise send your data to an unknown source over the internet… there’s all manner of things that you can do that are not a good idea that I don’t think any system security measure will ever be able to stop. The Mac OS is not immune from this.

  13. Twilightmoon, nothing to argue against that.

    Still, for point 3) Windows became the #1 target for crackers in a matter of months. And in those initial times I dunno how many users truly had any financial or critical data on those: businesses at that time were on IBM mainframes.
    I do not think there was any corporate fully on IBM compatible PCs (as they were called) and initially really few users had a PC, still virus writers went from playing with Unices (at university mainly) to targeting Windows. No eBanking or credit cards on PCs at the time. Was easy, was fun, was quick.

    For point 2) It is more a fallout of the Microsoft PR spin: we are attacked because we are in the greatest number. Hence, to explain why other OSes are not as vulnerable you have to conclude “Heck, because they are so few”. Viruses on Windows are practically all written using virus-kits. You just need to read and understand English to *create* a virus. A virus is essentially a C or C++ program and nowadays Mac users are as well programmers migrated from Unix/Linux. In terms of expertise I favor this last group rather than the average corporate Windows user.

    4) Hey, it’s an incarnation of BSDUnix, no one expects any virus to spread easily on those. And if it does not spread it is not a virus, it is a joke. There could be 100 Million OS X machines around one day. “If you only can get a few what do you care if they are a lot?” – Real cracker quote ;) (not me)

  14. Twilight: of course, no OS can protect users from their own idiocy. Never will. OS X, being Unix, is already affected by root-kit. There are aplenty.
    If you install one, give it root privileges and run it who is to blame? The OS? (Remember Renepo)

    But I guess that was not implied by anyone ever in this site.

  15. I agree with DanK — Seahawk and twilightmoon have done a marvelous job in demystifying (sp?) the myth.

    Thanks all.

    *This post was brought to you by the word “shown”, as in, this article and all comments made on it, has “shown” that Windoze is totally a POS system.

    PS: sorry DanK — I’m not as witty.
