[QUOTE=ButtsexV2;21671502]Because 90% of Windows systems have the owner of the machine using the administrator account, meaning malware can do pretty much anything it wants from there.
Not to mention the registry is the most exploitable piece of shit in operating system history.[/QUOTE]
lol... you still haven't explained anything relating to the actual design of windows, just what account level people choose to use
if people run as root in linux they're just as easily exploited (actually easier because of no UAC)
it's really easy to throw out vague statements like "the registry is exploitable" but it's honestly really meaningless unless you can provide an actual example
[QUOTE=mrcsb;21678009]lol... you still haven't explained anything relating to the actual design of windows, just what account level people choose to use
if people run as root in linux they're just as easily exploited (actually easier because of no UAC)
it's really easy to throw out vague statements like "the registry is exploitable" but it's honestly really meaningless unless you can provide an actual example[/QUOTE]
omg. the design is that users are root as default. how thick are you?
[QUOTE=Euphoracle;21678117]omg. the design is that users are root as default. how thick are you?[/QUOTE]
admins in windows are actually a far cry from "root" and given that UAC exists, the point is kinda non-existent
[QUOTE=mrcsb;21678009]lol... you still haven't explained anything relating to the actual design of windows, just what account level people choose to use
if people run as root in linux they're just as easily exploited (actually easier because of no UAC)
it's really easy to throw out vague statements like "the registry is exploitable" but it's honestly really meaningless unless you can provide an actual example[/QUOTE]
not what level they choose to use, what level they're pretty much forced to use.
also, nobody runs Linux as root other than those running workstations and such not connected to the internet.
[QUOTE=ButtsexV2;21679373]not what level they choose to use, what level they're pretty much forced to use.
also, nobody runs Linux as root other than those running workstations and such not connected to the internet.[/QUOTE]
you're hopeless
I know
If Windows is so secure, why do you have so many viruses? Don't bullshit me with 'Windows is the target for viruses', it isn't. Linux is. It runs web servers and whatnot. Windows runs on a 10 year old kernel that's been maintained through patches.
Go out and buy a computer with Windows installed. You're admin on the installation.
Windows is full of design flaws.
[QUOTE=CPPNOOB;21684125]If Windows is so secure, why do you have so many viruses? Don't bullshit me with 'Windows is the target for viruses', it isn't. Linux is. It runs web servers and whatnot. Windows runs on a 10 year old kernel that's been maintained through patches.
Go out and buy a computer with Windows installed. You're admin on the installation.
Windows is full of design flaws.[/QUOTE]
Exactly. Why would a hacker target a 70 year old lady, when they can get the personal information of thousands of people by hacking a web site or database.
[QUOTE=CPPNOOB;21684125]Windows is full of design flaws.[/QUOTE]
Such as...?
I've asked this many many times and the only one I've heard is that "users are admin by default". This is why UAC exists.
[QUOTE=PvtCupcakes;21684478]Exactly. Why would a hacker target a 70 year old lady, when they can get the personal information of thousands of people by hacking a web site or database.[/QUOTE]
Apparently neither of you are aware of how much money one can earn through a botnet. It's hilarious, really.
As is the assumption that everyone running Windows is 70 year old and female (I don't even want to know why you assume female users are morons, but that's separate issue), given that over 90% of desktop computers are running Windows, with the rest mostly being Macs.
Desktop computers are far less secured than servers, thus, an easier target. No, it's not specific to Windows, and if you believe so you're incredibly naive and have never browsed the Ubuntu forums.
And no site worth a damn is going to store personal information unencrypted. Besides finding an exploit in the host, you'd have to find a way to decrypt the sensitive material.
Sites that don't properly encrypt user data get hacked all the time... running Linux I might add. It doesn't much matter though since in the vast majority of cases where systems are compromised, it's the software that's at fault.
[QUOTE=mrcsb;21703524]...majority of cases where systems are compromised, it's the [b]user[/b] that's at fault.[/QUOTE]
ftfy
[QUOTE=ButtsexV2;21703557]ftfy[/QUOTE]
so the argument that windows is supposedly insecure is null and void
[editline]10:59PM[/editline]
[QUOTE=CPPNOOB;21684125]Windows runs on a 10 year old kernel that's been maintained through patches.[/QUOTE]
I missed this gem but I don't think it needs any commentary LOL
[QUOTE=mrcsb;21703585]I missed this gem but I don't think it needs any commentary LOL[/QUOTE]
Linux is 20 year old kernel that's been maintained through complete rewrites every two years.
Okay, let me rephrase what I said.
GNU/Linux is more secure than Windows.
[QUOTE=ButtsexV2;21703871]Linux is 20 year old kernel that's been maintained through complete rewrites every two years.[/QUOTE]
can you find a source that proves it's been rewritten or are you just making things up again
[editline]01:29AM[/editline]
[QUOTE=CPPNOOB;21703938]Okay, let me rephrase what I said.
GNU/Linux is more secure than Windows.[/QUOTE]
hey, can you enumerate on Windows' design flaws for me
alternatively, list GNU/Linux's design strengths
and nothing relating to admin accounts since it's been listed a million times already and is irrelevant
it's really easy to make blanket statements like "X is more secure than Y" but unless you can provide actual [b]examples[/b] then you're just talking out of your ass
honestly, this is the most hilarious thread I've read on FP because I've asked for something simple and nobody has been able to provide it
[QUOTE=mrcsb;21706554]can you find a source that proves it's been rewritten or are you just making things up again
[editline]01:29AM[/editline]
hey, can you enumerate on Windows' design flaws for me
alternatively, list GNU/Linux's design strengths
and nothing relating to admin accounts since it's been listed a million times already and is irrelevant
it's really easy to make blanket statements like "X is more secure than Y" but unless you can provide actual [b]examples[/b] then you're just talking out of your ass
honestly, this is the most hilarious thread I've read on FP because I've asked for something simple and nobody has been able to provide it[/QUOTE]
read the fucking sticky. that is all.
[b]This just in: The commonly known Windows design flaw of all users being administrator is irrelevant to Windows' design flaws and shouldn't count.[/b]
The very fact that Windows needs anti-viral software is a giant design flaw.
[url=http://seclists.org/fulldisclosure/2009/Sep/39]Remote BSoD[/url]
[url=http://www.zdnet.com.au/apache-bug-prompts-update-advice-339301617.htm]Apache Bug that's only effective in Windows[/url]
[QUOTE=limulus54;21706747]read the fucking sticky. that is all.[/QUOTE]
Read this thread. I already have, multiple times.
[editline]02:22AM[/editline]
[QUOTE=CPPNOOB;21706868]The very fact that Windows needs anti-viral software is a giant design flaw.
[url=http://seclists.org/fulldisclosure/2009/Sep/39]Remote BSoD[/url]
[url=http://www.zdnet.com.au/apache-bug-prompts-update-advice-339301617.htm]Apache Bug that's only effective in Windows[/url][/QUOTE]
Windows doesn't need an antivirus if you don't run downloaded files as admin (read: blindly click through UAC prompts) or if you don't care about loss of data in your user directory or similar folders. this behavior is no different from linux.
the "fact" that Windows "needs" an antivirus isn't a flaw, it's the supposed effect of the flaws that you've continually failed to enumerate on.
you just linked two exploits, but none of these are design flaws, they are the result of them. if you follow security groups like Secunia, you'd be aware that exploits on Linux are as common (actually moreso) than on Windows.
it's no surprise that you don't have a clue about what software design entails, but don't try to act like you do. it makes the linux community look like a bunch of clueless zealots.
I've bitched out some people in this thread for not providing sources, so here's Secunia.
Windows 7, the entire operating system: 10 security holes in 2010
[url]http://secunia.com/advisories/product/27467/?task=statistics_2010[/url]
Linux 2.6.x, just the kernel: 17
[url]http://secunia.com/advisories/product/2719/?task=statistics_2010[/url]
I like how you assume that I'm the voice for the entire GNU/Linux community and on to of that, GNU/Linux users can't be clueless zealots.
Go ahead and name [i]one[/i] GNU/Linux virus.
It's down to me trying to argue that Windows is insecure and you're defending the piece of shit that it is.
[QUOTE=CPPNOOB;21708136]I like how you assume that I'm the voice for the entire GNU/Linux community and on to of that, GNU/Linux users can't be clueless zealots.
Go ahead and name [i]one[/i] GNU/Linux virus.
It's down to me trying to argue that Windows is insecure and you're defending the piece of shit that it is.[/QUOTE]
oh look
[url]http://en.wikipedia.org/wiki/Linux_malware#Viruses[/url]
I'm not stereotyping the entire linux community to be like you, I'm making the observation that you're acting just like the freetard zealot community that already exists and gives Linux a bad name
and nah, it's actually down to you guys not being able to enumerate on the supposed design flaws of windows, because none of you actually understand software design, likely because none of you have ever done it
there is no argument, because you do not know how to argue, or what constitutes a legitimate point in argument
all you have done is perpetuate the FUD that Linux zealots so frequently accuse Microsoft of spreading
kind of a side point, but might I add that Windows Server 2008 is absolutely rock fucking solid
if you stop being a religious freetard and actually examine and use software objectively, you'll realize that microsoft products are actually quite good (just as I realize Linux has progressed tremendously recently)
but I'm not holding my breath
[QUOTE=CPPNOOB;21708136]I like how you assume that I'm the voice for the entire GNU/Linux community and on to of that, GNU/Linux users can't be clueless zealots.
Go ahead and name [i]one[/i] GNU/Linux virus.
It's down to me trying to argue that Windows is insecure and you're defending the piece of shit that it is.[/QUOTE]
ok, I was kind on your side for a bit, but windows is not a piece of shit. it's fine. I personally think that linux is somewhat superior, but due to other reasons I cannot use it as my main OS. but this does not mean that windows is shit. different OS's for different purposes. or the same purposes, it's all am matter of preference.
except for OSX, it go die in a fire. well, in my opinion. I can see how some people have a legitimate use for it, but most people don't.
I won't fucking talk about how good Microsoft products are after I've lost hours of work through crashes.
[QUOTE=limulus54;21708473]except for OSX, it go die in a fire. well, in my opinion. I can see how some people have a legitimate use for it, but most people don't.[/QUOTE]
it's comments like these that pretty much sum up why nobody on this forum has any ethos when it comes to discussing the pros and cons of software
hey did it ever occur to you that OS X is a general-purpose operating system and thus 100% of people have a need for one
if somebody prefers OS X over Windows, then you're out of luck buddy
[editline]05:25AM[/editline]
[QUOTE=CPPNOOB;21709179]I won't fucking talk about how good Microsoft products are after I've lost hours of work through crashes.[/QUOTE]
yeah I'm not gonna acknowledge the merits of Linux either after all those failed upgrades, like the one that left me at a CLI with no GUI or wireless, in a hotel with no ethernet cable while on vacation
never mind that I do all my programming in linux... linux sucks dicccccckkkkk
If you don't know CLI, don't use GNU/Linux. It's meant for people who know how to use computers.
It was also your shitty idea of upgrading while on vacation.
[QUOTE=CPPNOOB;21710009]If you don't know CLI, don't use GNU/Linux. It's meant for people who know how to use computers.
It was also your shitty idea of upgrading while on vacation.[/QUOTE]
your desperate attempts to make me look bad are actually pretty funny
I can only assume I've made you look like an ass at this point, and you're upset about it
FWIW:
* I know CLI front-back but that doesn't give me wireless, furthermore I have been using linux since before you were using computers
* applying [i]security patches[/i] while on vacation shouldn't be a bad idea, rather, the distribution should not distribute system-breaking patches... otherwise, you know, those security holes could be exploited
* you [b][i]still[/i][/b] haven't enumerated on windows' flaws or linux's strengths (also, all desktop linux distros install with the default user as an admin, thanks to the ubiquity of sudo)
seriously, do I need to help you out? I can do that.
On Windows, you can download executable files. On Linux anything you download can not be made executable unless you say it can be.
Just download some binary off the internet, and it won't run until you use chmod +x someBin.run
There have been countless exploits on Windows where a jpg would contain executable code and execute itself and own someone's machine.
Secondly, the package management system creates a repository of trusted software. You generally don't have to even think "is this going to be a virus", like most Windows users do. Because everything in the package manager is known to not be a virus.
[QUOTE=mrcsb;21710346]your desperate attempts to make me look bad are actually pretty funny
I can only assume I've made you look like an ass at this point, and you're upset about it
FWIW:
* I know CLI front-back but that doesn't give me wireless, furthermore I have been using linux since before you were using computers
* applying [i]security patches[/i] while on vacation shouldn't be a bad idea, rather, the distribution should not distribute system-breaking patches... otherwise, you know, those security holes could be exploited
* you [b][i]still[/i][/b] haven't enumerated on windows' flaws or linux's strengths (also, all desktop linux distros install with the default user as an admin, thanks to the ubiquity of sudo)
seriously, do I need to help you out? I can do that.[/QUOTE]
You applied an update without reading if it was going to fuck your shit up, and look where it got you.
What's you using GNU/Linux before me using computers got to do with anything?
I have enumerated on Windows' flaws. You're by default an admin. That's not a minor flaw, that's a [i]major[/i] flaw.
Stop passing sudo off as an admin account alternative.
This is getting stupid.
Linux [b]is not[/b] more secure than modern Windows. Both platforms are rock solid, especially when looking at server builds.
The flaws in each are down to the software running on each. The argument that UAC stops virus' is void. There have been plenty of exploits to automatically elevate the code.
Likewise, restricting access to the root account isn't the be all and end all. Rootkits are far more deadly.
The NT architecture wouldn't still be in use 20 years on if it was severely flawed.
Fact is, most of the web based attacks take advantage of bugs in PHP and Apache, not the platform they are running on.
Back on topic.
I use Linux because of the entertaining error messages (not really).
[img]http://img685.imageshack.us/img685/1700/dumb2.jpg[/img]
Sometimes it's not even necessarily that Windows is flawed, but that Linux is just better.
[url]http://fedoraproject.org/wiki/Security/Features[/url]
[quote=Fedora Project]
Fedora is the first mainstream operating system to provide MAC (Mandatory Access Control) based security using [URL="http://fedoraproject.org/wiki/SELinux"]SELinux[/URL] enabled by default. SELinux was developed in partnership with the NSA (National Security Agency) - A US based goverment security organisation and Red Hat with developers from projects such as Gentoo and Debian. Security Enhanced Linux protects users and processes by watching all actions on the system, from opening a file to using a socket. Users may write their own SELinux security policies according to their risk tolerance. By default, Fedora runs a targeted security policy that protects network daemons that have a higher chance of being attacked. If compromised, these programs are extremely limited in the damage they can do, even if the root account is cracked.
For example, Apache is protected in four different ways. The executable for Apache, httpd, is protected at compile time by PIE and Exec-Shield. The executable binary file on the system is protected by ELF hardening. Finally, SELinux policies are in place so that if httpd is cracked, it can only append to the Apache logs and mangle content in specific directories; it cannot roam around home directories or otherwise interact with the rest of the system.
[/quote]
There are a bunch of other little things, like a decent built in firewall, and PolicyKit is pretty cool too.
Windows Firewall is pretty much worthless; it's never been able to even stop me from getting into a Windows machine remotely.
iptables on Linux will actually block me from getting through port 80 until I open it up.
Sorry, you need to Log In to post a reply to this thread.
