Compartilhar via

A couple of interesting security blog posts

  • Artigo

 Jeff has an uncanny ability to dig into details that most folks gloss over: Exposed? : Examining Secunia Unpatched Warnings - Part 3

I have to concur with Kai: People like this just frost me: Security considered a burden for users

Comments

  • Anonymous
    January 19, 2007
    The comment has been removed

  • Anonymous
    January 19, 2007
    The comment has been removed

  • Anonymous
    January 20, 2007
    Doug - some very well thought out comments, thanks! But here's the funny thing. After I'd set up my wife' Vista PC, installed all the stuff she needs and configured it to the way she likes it, which took probably three days all told. She has never seen a UAC prompt. Not one. Not a SINGLE prompt! I think what's important about UAC is that for NORMAL users, like my wife, UAC is a non-issue. It's all us geeks thinking it's chatty. But that's my opinion.

  • Anonymous
    January 21, 2007
    I've stated to friends and family (who, as we all know, us types are local tech support for, right?) that the absolute number one thing they can do is run as non-admin. If I set up someone's computer, I set them up with an admin account and password, and then personal accounts for everyone in the household.  Like it or hate it, I set up Fast User Switching (because in the home world of Windows, one person does get up to do something while another person wants to use the computer). Once most of that person's typical software is installed, they don't have any problems.  They are also protected from most programs that want to "install" something (including malware) because their HKEY_LOCAL_MACHINE and C:Program Files folders aren't accessible. It is a panacea?  No, but I think it's step one in a layered defense. Now, the problem MSFT faces is making it so that we don't need local tech support.  This is not an easy fix.  Almost by necessity the first account created has to be an Admin account.  The problem for MSFT is, a LARGE number of households setting up Windows by themselves are NEVER going to make another account.  So we still, even in Vista, will have people running around as Admin. (Spoken by someone who hasn't even seen the Vista beta... and is eager to try it out when it releases.)

  • Anonymous
    January 22, 2007
    The comment has been removed

  • Anonymous
    January 24, 2007
    Jeff's numbers are off. Linux distributions are made up of third party software. Thus the number of vulnerabilities are not RedHat vulnerabilities, but vulnerabilities in third party software. RedHat didn't create these vulnerabilities. However, since they ship the software, they have to provide updates. So comparing Windows with Linux doesn't work. Microsoft does not issue patches for Adobe, Sun's Java, Winzip, Quicktime, Firefox, Nero, Roxio, Cisco, etc. The core of a linux distribution is the kernel, which is written by Linus. The kernel is useless without the userland and 3rd party software. So to summarize: RedHat is a collection of 3rd party software on top of the linux kernel, most of which is not written by RedHat. Microsoft is a complete OS, all software shipped is written by Microsoft. Apples and oranges. If you really want to compare apples and apples, one should compare Microsoft and FreeBSD or OpenBSD, since these ship a complete base OS, like Microsoft does.

  • Anonymous
    January 29, 2007
    My detailed thoughts with respect to Joe's assertion that the "Jeff's numbers are off." http://blogs.technet.com/security/archive/2007/01/29/common-objections-comparing-linux-distros-with-windows.aspx

  • Anonymous
    March 18, 2007
    luogo grande:) nessun osservazioni!

  • Anonymous
    March 19, 2007
    Chi ha fatto questo? E un buon posto per trovare le informazioni importanti!:)