It's going to be very hard for people here to take, especially after wading through the tone of this article or the bogus reference to the Yale GMail story, but this guy is right. Hold your nose and suck it up, Microsoft is in fact doing a better job with software security than any other large company in the industry.
Agreed. All I could think when reading the Google article was, "They really think OS X is inherently more secure?" Surely it just benefits from having fewer attackers bother to target it.
However, this only helps if you're a typical desktop user whose primary threat is a random virus or other malware attack. If you're like Google, on the other hand, you have to worry about highly developed targeted attacks -- to stretch the analogy, a large bear that has specifically picked you out of the crowd.
When that's the case, all the random scattershot viruses in the world become irrelevant, and your platform's inherent security mechanisms and development practices are the only things that matter.
That may be "all it takes" for J. Random Hacker worried about his personal system being compromised. But when it comes to a large corporation with a metric shit-wad of extremely sensitive and potentially very sought after data finding themselves in the digital targeting reticule of hostile corporations and even the intelligence services of first world governments that level of "security" is about as useful as a bullet-proof vest made of single ply toilet paper.
Yeah, I'm sure the powers that be at Google never thought about that. If interested parties are using off-the-shelf attack software, this gives Google a leg up, however temporary, because there is less off-the-shelf attack software for OSX.
So while everyone is scrambling to find holes in OSX to exploit in order to grab Google's data, Google secretly converts to plan9, never having intended to use OSX anyway. It's the greatest misdirection in history!
Google is a big company, they are subject to a lot of the same dumb-itude (though hopefully less so) as other big companies. They are capable of making poor choices for all the wrong reasons just like anybody else (see also: buzz, wave, knol). Personally, I hope they are making smart security choices behind the scenes.
Nevertheless, my point was a counterargument to the idea that merely switching to windows and being "faster than the other bear bait" was enough for google, as it's not.
This is true. However, I'll settle for Microsoft following OpenBSD's lead and implementing ASLR and DEP in the world's most widely used desktop operating system.
That's only a tiny part of what OpenBSD does for security. Most of their work seem to be on auditing code and creating new secure tools when there's nothing fixable or with a good open source license (like OpenSSH, OpenCVS, OpenBGPD, and OpenNTPD.)
Don't get me wrong, I'm not arguing against OpenBSD's superiority here in the slightest. In fact, except for my FreeBSD VPS, my general rule is that none of my Internet-facing machines run anything but OpenBSD.
I'm just saying that if Microsoft can duplicate even a little of those good practices and bring them to the masses, more power to them.
I was nodding at this article until I got to the part that said that OpenBSD should have used "Exim or Postfix and MaraDNS or NSD" to replace Sendmail and BIND, and then decided that the author didn't in fact know what he was talking about.
It is however a real critique of OpenBSD's security model that they haven't pursued enhanced access control (Niels had to bolt it on with Systrace because Theo doesn't agree with the concept).
> Microsoft is in fact doing a better job with software security
> than any other large company in the industry
No.
They did some good changes with Vista+, sure. But their code base for most of their products is still a huge pile of crap, security-wise. IIS, Exchange, Outlook, and even Windows itself. Not all remote exec bugs are mitigated by the new OS features.
Also, with typical Microsoft attitude, usability is neglected and many users just end up opening security settings permanently after being hassled dozens of times. That's counter-productive.
A great example recently on their legacy of bad code is Hernan Ochoa's vulnerability find:
Vulnerable systems practically every Windows OS including 2000, XP, Vista, and 7.
> Impact: An unauthenticated remote attacker without any kind of
> credentials can access the SMB service under the credentials
> of an authorized user. Depending on the privileges of the authorized
> user, and the configuration of the remote system, an attacker
> can gain read/write access to the remote file system and execute
> arbitrary code by using DCE/RPC over SMB.
It's a shame HN users end up shooting down any contrarian opinion. In particular a piece of opinion like this one, there isn't an absolute right stance.
And don't get me wrong, I've been vocal about Microsoft working harder on security than, say, Apple/Sun/Oracle/Cisco. I just don't think they are "in fact doing a better job with software security than any other large company in the industry." That's a long shot. Google does their homework, to name one.
Well, yes, ok the extent to which tptacek backs them up is a bit extreme (Im not unconvinced he is wrong).
Also; authority was the wrong word to use - experience is a better one. I'm generally inclined to trust his experience (especially as it partly matches my own observation too)
You're citation was not really proving a counter argument (I did downvote - but only after it was +3)
Here is evidence that Microsoft takes security seriously:
Virtually every product they ship has been tested by iSEC Partners, Leviathan, IOActive, or (in some rare cases) Matasano. For the most part, Microsoft does not get the B-teams from these firms. If you care to check those company names out, just Google [<company> black hat].
Virtually every single developer at Microsoft has been trained in secure software development, and has formal incentives tied in some way to software security.
Virtually every Microsoft product has a documented threat model, almost certainly constructed by a third-party assessor.
Most Microsoft products have fuzzers (the ones that don't are hard to fuzz). In many cases those fuzzers were written by people like Mike Eddington.
Microsoft has delayed major product releases --- like operating systems --- to re-audit after people found bugs that shouldn't have made it to the final stages of QA.
I'm somewhat familiar with Google's practices. I invite you to counter my evidence of Microsoft's superiority with specific examples of how Google "does their homework". Google does a fine job, so you should have no problem.
Just one counter-example: IIS runs parts on kernel mode (at least until last year when I last checked.) Parsing HTTP on kernel mode sounds very bad. How many vulnerabilities were last year for IIS alone?
(a) Funny you should ask. In the past year, there's one published advisory (kingcope's DOS) on IIS7, and 3 on Apache.
(b) In neither IIS 6 nor IIS 7 have any of those published advisories granted attackers kernel access of any sort. In fact: find me the last IIS vulnerability that did give up the kernel. I bet you can't.
That's because I've written (according to SearchYC) 51 comments here already explaining in various ways why I think Microsoft is doing an excellent job on software security, and instead of boring everyone by restating my argument, I chose here to key in on the fact that this Microsoft spokesman did a terrible job of communicating with his audience.
They are doing an excellent job. I never questioned that. I questioned your absolute statement about them being better than everybody else in the industry.
Unless you have access to the said source code, you don't have a point.
I can actually tell you that Windows NT source code is everything but "a pile of crap". I can't tell for exchange or IISS, but I would be very surprised that it's crap.
Security is extremely difficult. It's even more difficult for a consumer product.
Even OpenBSD had remote exploits in the default install.
Really? I know several guys who did security auditing for Microsoft on-site (a few years ago.) One (famous researcher) said the concepts were very good, but implementation was just terrible. Also they expressed disappointment when their findings mostly fell into deaf ears (another sec audit guy.)
Also I happen to know more than one (grey?) hat who makes/sells 0day of Microsoft products. Microsoft opened Pandora's Box pissing off security researchers a few years back, there are many wounds to heal.
And on your OpenBSD bashing, they have a very good security record. Sure, Theo had a short temper, but they always worked very hard on security and most of his rants were related to drivers (and IMHO, he was almost always right.)
Hey, alecco? I am one of several people who has done code auditing for Microsoft.
I simply do not believe your unattributed story about security advice at Microsoft "falling on deaf ears". For the past several years, a large subset of "famous security experts" have been falling over themselves to present at Microsoft's private internal Blue Hat conference.
Incidentally, before you decide to call me a Microsoft apologist, you might be interested to know that I worked on the original OpenBSD security audit (back when the company I worked at, SNI, started the audit), and for several years wrote the OpenBSD security advisories. I also spent 4 years working at Arbor Networks, then largest commercial OpenBSD security product company in the world.
Also, if you're wondering why people are downmodding you, start by considering that 'shin_lao didn't bash OpenBSD.
This argument is getting ridiculous. I didn't question your credentials. I only questioned your absolute statement. I didn't say you are a "Microsoft apologist", and about shin_lao's OpenBSD statement I probably misread it (it was late last night for me.)
> Microsoft is in fact doing a better job with software security
> than any other large company in the industry
[IMHO] Google does a much better job and Microsoft still needs to rewrite a lot of their code base to be safe. And their bad usability record also counts against them, as stated on my original response.
Again, sure, Microsoft beats Apple/Sun/Oracle/Cisco. I agree 100% with you there. (As stated before.)
You keep saying "Google does a much better job". But I'm specifically rebutting that point. I gave specific reasons why I think that. You keep offering no specific responses. Why do you think this is an effective way to make a point?
I'm sorry you feel like this is getting ridiculous, but what I think is happening is that you've once again bumped into someone on Hacker News that isn't simply going to concede the point to the person with the greater zeal for the issue. I get it. You like OpenBSD. You prefer open source. You prefer Google to Microsoft. This is all understandable. Unfortunately, your ideology doesn't change the facts on the ground.
About Google: I really like their security approach for Chrome/V8, and NaCL looks amazing (in particular the upcoming LLVM version.) Chrome OS isn't here yet but the concept looks very interesting for security (not so much for privacy and other aspects, though.)
> what I think is happening is that you've once again bumped
> into someone on Hacker News that isn't simply going to concede
> the point to the person with the greater zeal for the issue.
I hold a very slightly different view from yours (e.g. I think Microsoft is doing a lot about security and other giants should take note, as in the original reply.)
It is sad people look for absolute right and wrong. Why can't we have both different views and not necessarily be wrong? In particular on a difference in opinion.
> I get it. You like OpenBSD. You prefer open source.
I like some things about OpenBSD, in particular their code auditing, but of course it's far from perfect. If I remember well, more than once Theo argued against something and later on it became a major feature of the project.
About projects, I consider myself a bit of a sad agnostic lately. In particular I haven't used OpenBSD in a long time.
> You prefer open source.
Yes. But I happen to use closed source everyday and don't have problem with that. I use iWork to create PDFs and slides, sometimes. Hah, I'm even OK with crappy proprietary software (iTues+iPod), nothing I can't handle.
Apple, and in particular OS X and Safari, in the security side are a disgrace. But I can live with it (e.g. use Chrome with JS/Flash disabled by default, use TrueCrypt and other encryption software as much as possible, and be very careful where I plug my notebook and what I authorize in it.)
> Unfortunately, your ideology doesn't change the facts on the ground.
What ideology? You just did a (bad) guess at my stance. And even if you were right, it was just ad-hominem.
Counter example: I hate Google's anti-privacy hypocrisy. Same for their server-side services, and [also for] removing power from the users. Microsoft always empowered users with tools, it's their business model. I liked them a lot [back then] when things changed from server-side borderline authoritarian systems [to empowered Wintel PCs]. And now the world is coming back to [centralized systems], sadly.
And my point was Microsoft isn't "the best", not yet. Sure, they improved significantly, but the baggage of many years of apathy and maneuvering is still a cost today.
The only bit of evidence you have marshalled for this argument is Hernan Ochoa's NTLM challenge advisory, which may be one of the most clever attacks published this year, after Juliano's Java Server Faces CBC padding oracle. But unlike Juliano's attack, which busted up a whole huge class of Java web applications because of a Sun bug, Ochoa's finding required knowledge of a proprietary challenge-response scheme and the reverse-engineering of its implementation.
I find that evidence exceedingly weak.
Meanwhile: what vendor is doing a better job on security than Microsoft is? That being, you know, my whole argument and all.
'Windows is known for being more vulnerable to attacks by hackers and more susceptible to computer viruses than other operating systems.'
The facts don’t support the assertion."
Both parent article and parent post switch the topics: Though Microsoft did a lot of work to improve security, Windows as a platform (when you include anything installed on Windows like Adobe Flash and Reader) is certainly "more vulnerable to attacks by hackers and more susceptible to computer viruses."
I don't think I have to provide examples, anybody is able to count.
That's why I actually like that iPhone and iPad don't allow "anything goes" with the native apps. That's the biggest improvement in approach to the security in the last decades.
As far as your platform argument goes, Flash and Reader are as inherently insecure on Mac OSX as on Windows ... maybe even worse as exploited at Pwn2Own. That Platform argument kind of falls on its face.
Of course it doesn't fall. Try to count the number of IE toolbars for Windows, then try to count for Mac. Try to count the number of antivirus programs for Windows, then for Mac. Try to count how many shell extensions are installed with different programs. How many file handlers etc. On every Windows computer the attack surface is unbelievably bigger, unless you're very untypical user.
But even more important reason for increased "Windows platform insecurity" is the economy -- evildoers can control much more computers (and make more money) if they invest the time to make Windows trojans.
On the other side, I believe that if we just look at the Apple software for Mac delivered by default and the Microsoft software delivered with the OS, Apple is more vulnerable -- Microsoft really does much more security work on the core (in invested man hours per lines of code of the core) and delivers less functionality than Apple by default -- even a mail client is not an official part of Windows 7, that's good trick to have more secure default OS package.
Still if you use Windows you're much more likely to fall victim, and it will remain so for a quite while.
the "Mail Client not being an official part of Windows 7" bit can be attributed to the lawsuits and antitrust litigations...
As far as falling victims for the near future, according to a CNet article (amongst others):
Ninety percent of critical Microsoft Windows 7 vulnerabilities can be mitigated by configuring the operating system for standard user rather than administrator, according to a new report released on Monday.
On the other hand, it was recently reported that free apps and screensavers on Mac contained embedded malware .
My point is: doesn't matter what platform you use, the weakest link is the user especially if one keeps clicking on any link or attachment without being sensible + cautious ..
Re: "embedded malware for Mac": let's count the number of malware waiting to trick you to come to your PC with Windows OS. Than do the same for Mac. For Windows it's certainly hundreds of thousands, if not millions, every kid writes them, there are even enough "no-need-to-know-programming" kits. From Macs the number is, I'm guessing now, tens at most?
It does matter, an it matters a lot, what platform you use.
With Windows 7, we added improvements to BitLocker
for disc encryption (we also introduced BitLocker-to-Go
for external USB devices), and added enhancements to the
built in Windows Firewall for better protection.
OS X equivalent is encrypted disk images and FileVault (and the firewall, but whatever).
Windows 7 has Parental Controls built in that can be
combined with Windows Live Family Safety to create a
safer experience on the PC for children.
Yeah, OS X has that too. I wrote large parts of it.
His most compelling point is ASLR. It'd be nice if OS X had that.
> OS X equivalent is encrypted disk images and FileVault
Calling FileVault an "equivalent" of BitLocker is too generous. BitLocker provides several important things currently lacking from OS X's built in disk encryption facilities:
* Strong encryption: If you use FileVault, you're essentially gambling that your hypothetical attacker can't break a 1024-bit RSA key. That isn't such a good bet these days.
* Trusted boot path in conjunction with a TPM; defense against the "evil maid" attack
* Support for full disk encryption, not merely encryption of home directories
* Enterprise key management and recovery, so that full disk encryption can conceivably be used within a large organization
You'll want to buy PGP or similar if you're on a Mac and you want good disk encryption. (But that still won't give you anything like BitLocker's boot path verification.)
But yeah, the whole parental controls thing is not only a moot point (didn't OS X actually have that first?), but pretty much irrelevant to security in the sense intended in this discussion...
Apple can't use a TPM without people going apoplectic, even now years later. After the first couple shitstorms when the Intel Developer Preview Mac and a few other early models had TPMs, they just stopped including them with any of their hardware, despite (or perhaps because) they're essentially the only outfit that could pull that off.
Only a few models had them, and Apple doesn't like to ship features like that, especially with the way they'd get shat on over it.
I think your argument about 1024-bit RSA being too weak is pretty much nonsense, and nothing defends against the "evil maid" attack, which kind of misses the point of full disk encryption anyways.
Even if you want to make some semantic argument that this doesn't strictly fall under the mantle of "disk encryption", it still proves the point that FileVault is no substitute for BitLocker.
I'm wrong on neither count. The likelihood that anyone's disk encryption is going to be broken by a brute force attack on an RSA key of any size is nil. There remain attacks on Bitlocker regardless of whether it boots from a static trusted root. And, again: the whole notion of "evil maid" attacks does miss the point of disk encryption; if you lose control of your computer, it's no longer trustworthy no matter what.
Microsoft started from a point of having such terrible security that was practically impossible __not__ to improve.
The point is that, despite all of the work they have done (and they have done a lot) they still have a very long way to go to make up for 20 years of completely ignoring security engineering.
Scenario: Google runs Microsoft software, is attacked by hackers. Google has to wait on Microsoft for knowledge/patches to security holes, even though Windows has great security. Logical reaction: move away from Microsoft products due to nature of platform.
That I get.
Google runs Linux, is able to patch things up whenever holes occur due to the open source nature of the OS. A move to Linux makes sense to me. What I don't get, however, is the bit where OSX is allowed.
My theory is that Google made the switch not because OSX and Linux have better security per se (that is, as compared to Windows - because tctacek is right, Windows is rather good with security) but because having a userbase of so many different flavours of Linux and a spattering of OSX is going to be hell for future hackers. Does this make sense?
Unfortunately, the facts do support the assertion. I've been involved with computers since the early days of Windows 3.1, and if I tally up the number of times I've had to deal with Windows security flaws compared to security flaws on Linux or Macs there's really no doubt at all that Windows is less secure by design, and also more expensive and complex to maintain an adequate level of security.
Windows 3.1 (or 9x or XP) is quite irrelevant to the discussion. Do you say the same about modern Windows (Vista/7)? Many people will disagree with you if you do.
Windows is less secure than other OS. But windows is better secureD than other OS. The only difference is that having 95+% market share, they are targeted by an awful lot more attacks.
66 comments
[ 3.5 ms ] story [ 132 ms ] threadWhen that's the case, all the random scattershot viruses in the world become irrelevant, and your platform's inherent security mechanisms and development practices are the only things that matter.
So while everyone is scrambling to find holes in OSX to exploit in order to grab Google's data, Google secretly converts to plan9, never having intended to use OSX anyway. It's the greatest misdirection in history!
Nevertheless, my point was a counterargument to the idea that merely switching to windows and being "faster than the other bear bait" was enough for google, as it's not.
I'm just saying that if Microsoft can duplicate even a little of those good practices and bring them to the masses, more power to them.
The title is a little provocative, but the article is really worth it.
It is however a real critique of OpenBSD's security model that they haven't pursued enhanced access control (Niels had to bolt it on with Systrace because Theo doesn't agree with the concept).
They did some good changes with Vista+, sure. But their code base for most of their products is still a huge pile of crap, security-wise. IIS, Exchange, Outlook, and even Windows itself. Not all remote exec bugs are mitigated by the new OS features.
Also, with typical Microsoft attitude, usability is neglected and many users just end up opening security settings permanently after being hassled dozens of times. That's counter-productive.
A great example recently on their legacy of bad code is Hernan Ochoa's vulnerability find:
Vulnerable systems practically every Windows OS including 2000, XP, Vista, and 7.
http://www.hexale.org/advisories/OCHOA-2010-0209.txt
EDIT: Formatting.Sure, the "pile of crap" was a bit juvenile. But that doesn't invalidate my point.
Tom would seem to count as an original/authoritative/primary source :)
(when the counter citation is completely off the point I think that says something important)
http://en.wikipedia.org/wiki/Argument_from_authority
It's a shame HN users end up shooting down any contrarian opinion. In particular a piece of opinion like this one, there isn't an absolute right stance.
And don't get me wrong, I've been vocal about Microsoft working harder on security than, say, Apple/Sun/Oracle/Cisco. I just don't think they are "in fact doing a better job with software security than any other large company in the industry." That's a long shot. Google does their homework, to name one.
Also; authority was the wrong word to use - experience is a better one. I'm generally inclined to trust his experience (especially as it partly matches my own observation too)
You're citation was not really proving a counter argument (I did downvote - but only after it was +3)
Virtually every product they ship has been tested by iSEC Partners, Leviathan, IOActive, or (in some rare cases) Matasano. For the most part, Microsoft does not get the B-teams from these firms. If you care to check those company names out, just Google [<company> black hat].
Virtually every single developer at Microsoft has been trained in secure software development, and has formal incentives tied in some way to software security.
Virtually every Microsoft product has a documented threat model, almost certainly constructed by a third-party assessor.
Most Microsoft products have fuzzers (the ones that don't are hard to fuzz). In many cases those fuzzers were written by people like Mike Eddington.
Microsoft has delayed major product releases --- like operating systems --- to re-audit after people found bugs that shouldn't have made it to the final stages of QA.
I'm somewhat familiar with Google's practices. I invite you to counter my evidence of Microsoft's superiority with specific examples of how Google "does their homework". Google does a fine job, so you should have no problem.
(b) In neither IIS 6 nor IIS 7 have any of those published advisories granted attackers kernel access of any sort. In fact: find me the last IIS vulnerability that did give up the kernel. I bet you can't.
I can actually tell you that Windows NT source code is everything but "a pile of crap". I can't tell for exchange or IISS, but I would be very surprised that it's crap.
Security is extremely difficult. It's even more difficult for a consumer product.
Even OpenBSD had remote exploits in the default install.
Also I happen to know more than one (grey?) hat who makes/sells 0day of Microsoft products. Microsoft opened Pandora's Box pissing off security researchers a few years back, there are many wounds to heal.
And on your OpenBSD bashing, they have a very good security record. Sure, Theo had a short temper, but they always worked very hard on security and most of his rants were related to drivers (and IMHO, he was almost always right.)
Edit: very minor clarifications.
-- Please read my statement on OpenBSD again, the keyword is "even" which implies I view the security of this os rather highly.
I simply do not believe your unattributed story about security advice at Microsoft "falling on deaf ears". For the past several years, a large subset of "famous security experts" have been falling over themselves to present at Microsoft's private internal Blue Hat conference.
Incidentally, before you decide to call me a Microsoft apologist, you might be interested to know that I worked on the original OpenBSD security audit (back when the company I worked at, SNI, started the audit), and for several years wrote the OpenBSD security advisories. I also spent 4 years working at Arbor Networks, then largest commercial OpenBSD security product company in the world.
Also, if you're wondering why people are downmodding you, start by considering that 'shin_lao didn't bash OpenBSD.
Again, sure, Microsoft beats Apple/Sun/Oracle/Cisco. I agree 100% with you there. (As stated before.)
I'm sorry you feel like this is getting ridiculous, but what I think is happening is that you've once again bumped into someone on Hacker News that isn't simply going to concede the point to the person with the greater zeal for the issue. I get it. You like OpenBSD. You prefer open source. You prefer Google to Microsoft. This is all understandable. Unfortunately, your ideology doesn't change the facts on the ground.
It is sad people look for absolute right and wrong. Why can't we have both different views and not necessarily be wrong? In particular on a difference in opinion.
I like some things about OpenBSD, in particular their code auditing, but of course it's far from perfect. If I remember well, more than once Theo argued against something and later on it became a major feature of the project.About projects, I consider myself a bit of a sad agnostic lately. In particular I haven't used OpenBSD in a long time.
Yes. But I happen to use closed source everyday and don't have problem with that. I use iWork to create PDFs and slides, sometimes. Hah, I'm even OK with crappy proprietary software (iTues+iPod), nothing I can't handle.Apple, and in particular OS X and Safari, in the security side are a disgrace. But I can live with it (e.g. use Chrome with JS/Flash disabled by default, use TrueCrypt and other encryption software as much as possible, and be very careful where I plug my notebook and what I authorize in it.)
What ideology? You just did a (bad) guess at my stance. And even if you were right, it was just ad-hominem.Counter example: I hate Google's anti-privacy hypocrisy. Same for their server-side services, and [also for] removing power from the users. Microsoft always empowered users with tools, it's their business model. I liked them a lot [back then] when things changed from server-side borderline authoritarian systems [to empowered Wintel PCs]. And now the world is coming back to [centralized systems], sadly.
It's somewhat irrelevant.
What is important is how the problems are addressed once found. Generally Microsoft are quite quick at it (as are other OS vendors)
And my point was Microsoft isn't "the best", not yet. Sure, they improved significantly, but the baggage of many years of apathy and maneuvering is still a cost today.
But I still don't see how that relates to the example you cite?
I find that evidence exceedingly weak.
Meanwhile: what vendor is doing a better job on security than Microsoft is? That being, you know, my whole argument and all.
"The Financial Times article states that:
'Windows is known for being more vulnerable to attacks by hackers and more susceptible to computer viruses than other operating systems.'
The facts don’t support the assertion."
Both parent article and parent post switch the topics: Though Microsoft did a lot of work to improve security, Windows as a platform (when you include anything installed on Windows like Adobe Flash and Reader) is certainly "more vulnerable to attacks by hackers and more susceptible to computer viruses."
I don't think I have to provide examples, anybody is able to count.
That's why I actually like that iPhone and iPad don't allow "anything goes" with the native apps. That's the biggest improvement in approach to the security in the last decades.
But even more important reason for increased "Windows platform insecurity" is the economy -- evildoers can control much more computers (and make more money) if they invest the time to make Windows trojans.
On the other side, I believe that if we just look at the Apple software for Mac delivered by default and the Microsoft software delivered with the OS, Apple is more vulnerable -- Microsoft really does much more security work on the core (in invested man hours per lines of code of the core) and delivers less functionality than Apple by default -- even a mail client is not an official part of Windows 7, that's good trick to have more secure default OS package.
Still if you use Windows you're much more likely to fall victim, and it will remain so for a quite while.
As far as falling victims for the near future, according to a CNet article (amongst others):
Ninety percent of critical Microsoft Windows 7 vulnerabilities can be mitigated by configuring the operating system for standard user rather than administrator, according to a new report released on Monday.
On the other hand, it was recently reported that free apps and screensavers on Mac contained embedded malware .
My point is: doesn't matter what platform you use, the weakest link is the user especially if one keeps clicking on any link or attachment without being sensible + cautious ..
It does matter, an it matters a lot, what platform you use.
His most compelling point is ASLR. It'd be nice if OS X had that.
Calling FileVault an "equivalent" of BitLocker is too generous. BitLocker provides several important things currently lacking from OS X's built in disk encryption facilities:
* Strong encryption: If you use FileVault, you're essentially gambling that your hypothetical attacker can't break a 1024-bit RSA key. That isn't such a good bet these days.
* Trusted boot path in conjunction with a TPM; defense against the "evil maid" attack
* Support for full disk encryption, not merely encryption of home directories
* Enterprise key management and recovery, so that full disk encryption can conceivably be used within a large organization
You'll want to buy PGP or similar if you're on a Mac and you want good disk encryption. (But that still won't give you anything like BitLocker's boot path verification.)
But yeah, the whole parental controls thing is not only a moot point (didn't OS X actually have that first?), but pretty much irrelevant to security in the sense intended in this discussion...
Only a few models had them, and Apple doesn't like to ship features like that, especially with the way they'd get shat on over it.
TPM support would be nice, though.
http://csrc.nist.gov/publications/nistpubs/800-57/sp800-57-P...
And BitLocker's trusted boot path does defend against the evil maid attack:
http://theinvisiblethings.blogspot.com/2009/01/why-do-i-miss...
Even if you want to make some semantic argument that this doesn't strictly fall under the mantle of "disk encryption", it still proves the point that FileVault is no substitute for BitLocker.
Thank you for Parental Controls, for what it's worth. Turning them on was the single most effective thing I did to fix my son's homework problem.
The point is that, despite all of the work they have done (and they have done a lot) they still have a very long way to go to make up for 20 years of completely ignoring security engineering.
That I get.
Google runs Linux, is able to patch things up whenever holes occur due to the open source nature of the OS. A move to Linux makes sense to me. What I don't get, however, is the bit where OSX is allowed.
My theory is that Google made the switch not because OSX and Linux have better security per se (that is, as compared to Windows - because tctacek is right, Windows is rather good with security) but because having a userbase of so many different flavours of Linux and a spattering of OSX is going to be hell for future hackers. Does this make sense?
Sure, the "pile of crap" was a bit juvenile. But that doesn't invalidate my point. ================= peter011 <a href="http://in.linkedin.com/in/croissancesystems1rishiagarwal " rel="dofollow">CROISSANCE SYSTEMS</a>
Unfortunately, the facts do support the assertion. I've been involved with computers since the early days of Windows 3.1, and if I tally up the number of times I've had to deal with Windows security flaws compared to security flaws on Linux or Macs there's really no doubt at all that Windows is less secure by design, and also more expensive and complex to maintain an adequate level of security.