Valid concept. Questionable reasoning.
Google employees are reportedly being told by their Mountain View overlords to dump Microsoft’s Windows because of security concerns about the operating system. According to a report in today’s Financial Times, which cites several Google workers, the ad broker has been telling its staff to move away from the Windows OS since …
So, during these past years when Microsoft was Google's adversary, and Windows was totally insecure, they used Windows.
Now that MS has finally managed to make Windows secure (is this was I've been reading), and Apple has replaced MS as Google's biggest adversary, now they choose to switch to Mac???
this is a smart move. Win7 may have better security than, for instance, xp, but is still less secure than the competition -- both due to it being a bigger tsrget (as so many will argue)
and do to ongoing design flaws that make it a softer targtet. Unless one has "legacy software' that requires windows (and won't run under wine) there's no reason to still use windows.
Thats what a manager at company I was contracting for was told by a Microsoft rep when the manager said they were replacing Exchange server for a Linux setup. Last time I checked they were still in business.
Out of interest I heard that TalkTalk had switched to Macs, anyone know if this true or just another urban myth.
I guess Microsoft found it was illegal to throw chairs at people until they repented and paid up for Windows etc.
Ah well, cry havoc and let loose the lobbiests of doom, and in a jiffy I'm sure assault with a chair will be "constitutionally protected."
«However, Google isn’t forcing its staff over to a Chrome-only environment yet and some told the newspaper that they were relieved to still be able to run Mac and Linux operating systems OTHER THAN CHROME at the company.»
There, fixed that for you.
Oh, and the guys at Redmond can snicker all they want: boarding Windows is what they have been forcing their customers to do for ages. I really can't see a better way to describe the pile of anti-threat software required to make any Windows box reasonably secure (making it almost unusable in the process).
"Google employees are reportedly being told by their Mountain View overlords to dump Microsoft’s Windows because of security concerns about the operating system."
Anybody would think that Google don't read El Reg... or Slashdot... or any of the computer press...
Just because they're almost ready to tout their Chrome OS (aka Yet Another Derivation Of Linux), it's no good going shouty-shouty a message that the clued ones got long ago, and the unclued won't care about.
Security concerns. This would be Chrome, as in Google Chrome, as in "cloud computing"? If I bought an orgasmic ARM based pointy-tappy notebook computer with Chrome, my data will be where? Where exactly is "the cloud"? If I upload data in France, will I get assurance that said data will be stored within the area of jurisdiction of European data processing legislation? Of course, it might be easier to route data to a massive server farm in Wisconsin (or wherever). Does this mean that The Patriot Act can be invoked, against my data, uploaded from my country, based upon their routing? What were you saying about security concerns?
Security concerns. My browser frequently stores login names and passwords for me. I'm not dumb enough to recycle the same password, but I'm not smart enough to remember them all. I absolutely do not want these synced to any external source as some of them are for important (privacy concern) things. Government/tax/bank/shopping (i.e. Amazon) and so on. Will I get a cast iron guarantee that such Information will never leave the computer, even if sent out in an "encrypted" form? The best way I can give myself privacy is by NOT syncing, at all. My user profile, my passwords, my history, my documents, and all that stuff reside purely and soley on my computer. But, wait, this is not a paradigm that works with "cloud computing". What were you saying about security concerns?
Security concerns. I have ZERO problem with streetview. I like it. I often waste a lot of time exploring places I'd probably never get to see "for real". The 3D option is a lovely blend of cool and seriously retro. I got a set of green/red glasses off a box of cereal! But, wait, we're getting a lecture on security concerns from a company that not only collected WiFI SSIDs and MACs (which *might* be useful for a non-GPS person to geolocate themselves by picking up the same IDs and asking Google "where the hell am I?"), but also coded up software to sniff anything else going. Okay, granted, as the car was passing they're probably only get snippets of data transfer, but it could be a pretty big snippet of a 16 megabit download in the time it takes a car to drive through the useful range of the WiFi transmitter (remember it's only sniffing, not trying to sync to the AP, so it will no doubt have a wider catchment zone). Again, the data is probably mostly "noise", only useful for stuff like "20% of people in <town> are downloading hentai anime" - if ONLY by attempting to reconstruct a frame or two out of the data plucked, but again the information is likely to be that much less useful if it applies only to those people using open APs. But, hey, they went and did it anyway. It could hurt them more than simply not bothering. WTF did they think they'd gain? What were you saying about security concerns?
Google may have a fair amount of altruism in its actions, but the guiding directive (which used to be a "kick-ass faster-than-Altavista-will-ever-be-and-NO-annoying-sponsored-results") seems to be profiling people to sort out more applicable (and hence monetarily lucrative) advertising. Is any of this going to infiltrate their OS? Will my data, activity, and habits be used to profile me to sell to advertisers? What were you saying about security concerns?
I do not run Chrome (browser). My first (minor) complaint is it installs itself into Documents and Settings (instead of, say, Program Files). Might not seem like much, but when they're on different drives, it would be nice to have an option. But the biggest problem is there is no distinction of the URL bar and the search bar. Every single keypress you put in the "URL" bar of Chrome is reported back to Google so it can help with what you are looking for. This may sound useful, like Google's autosuggestion feature, but if you're actually typing in websites... www.theregister.co.uk or www.creditagricole.fr or www.massivesuckableboobies.org [*] then it will all be sent back to Google HQ. Collected? Perhaps, perhaps not. That it does it at all "out of the box" (and thus perhaps not realised by many) is enough that I won't use Chrome. Don't believe me? WireShark yourself. What were you saying about security concerns?
* - I made that last one up. If it's a real domain, I will die of embarrassment...
"I do not run Chrome (browser). My first (minor) complaint is it installs itself into Documents and Settings (instead of, say, Program Files)."
The irony here is that Chrome installs into userspace instead of the bowels of the operating system in order to provide the user with a far higher level of security and privacy.
Epic fail indeed.
You don't need to be installed into the "bowels of the operating system". Opera isn't. Firefox isn't. But best of all, apart from some data that should be shared (like the 30-odd Mb suspect URLs SQLlite file), the DATA of these applications are in the user's documents and settings folders, as opposed to the ENTIRE application. Why is this an issue? Because per-user, the user DATA changes, the application stays the same. Except Chrome, which being installed into user DATA space will require a complete install for each user on the system. This may not be "that big a deal" to you, but really, it is pretty bloody stupid. Oh, and note, given this there is probably no centralised way to uninstall it either, other than logging in as each user and uninstalling it.
Are not Google a giant phish pharm for all of your dreams and desires, which they then sell on to whatever dodgy Tom, Dick or Harry or National Security Agency that pays them? And they have the cheek to imply that Windows isn't safe? Jeez .... Black calling Pot Kettle springs to mind.
And the Google Algorithms still haven't been able to crack the .... Is it a SMART Friend or a Clever Foe Question, which would deal them top notch, front runners in the CyberSpace Great Game Stakes to Approach with the Gift of Obscene Booty.
So some people still use IE6 get exploited and then Google dumps the whole OS in fanfare cause it's not secure. Maybe it was Gogle's dodgy coding that was the main reason but they won't release that obviously. Hope all their decisions are not based on the same level of logical thinking. Clearly this is just another PR exercise by Google.
"Now that MS has finally managed to make Windows secure"
Linux does have LSM (Linux Security Modules) and based on that SE Linux from NSA and AppArmor from Novell. AFAIK MS has not bothered to implement anything close to LSM and make that public.
There is "Sandboxie", but I am not sure it is based on the same solid foundations as LSM. Anyway, I expect MS THEMSELVES to integrate something like LSM (or chroot) into Windows. Apparently, IE8 does use something like this. I could not find a publicly usable API, though.
Probably, this is a smart move to hurt Firefox. Absolutely smart, Mr Ballmer.
So, Windows 7 => FAIL
If want something like 'chroot' in Windows, you should check out 'runas', it's been in Windows since W2K IIRC. Runas allows any program to be run in any user context, with all the permissions and environment/profile settings that this user has, but running in the same session as the interactive user.
That is like
sudo -u <otheruser> <command>
on Unix. It DOES NOT create a sandbox, if you (for any reason) have to create a very special setup for this user AND made sure this user cannot access anything else. Especially the latter is virtually impossible, because every single directory on the system is potentially affected.
A sandbox will intercept the system calls of an application and allow only those resources which are whitelisted. For example, an LSM sandbox could allow a browser pointing to www.acme.com only to read
/usr/lib/* (to load shared libs)
and to write
Tell me how this is possible with runAs....
You seem to misunderstand runas, it is a lot more than just sudo, it can allow chroot like functionallity (like I said) but you will have to setup users who can do or not do what you want. Claiming that having to change directories permissions (something very easy on Windows) somehow makes it too hard to use isn't really a good reason not to use it, after all most directory permissions would have already been setup.
It's not 100% sandbox, but it's pretty close.
I more or less agree with jake.
We've all been told that the security problem causing the breach was Internet Explorer 6.
If they hope that running incredibly old software (especially browsers) on Linux or MACs will make them more secure, they just know nothing about security.
Now, considering that at Google they're not newbies, I consider this a political message, nothing more, maybe even speculation on rumors....
Or maybe they're trying to blame Microsoft for their lack of policies (and/or monitoring and compliance) in using old unpatched software on insecure boxes to access the wild net and internal data...
Moreover, last time I checked it's Google itself that released their products primarily on Windows, inviting people who want to use their latest technologies to use Windows. Just think about Google Earth, the Chrome browser, etc... (almost?) all their products were released on Windows first, and better maintained on Windows.
Disclaimer: I'm a Linux/Unix/BSD user and don't like nor use Microsoft products myself.
You might think that Windows is secure, yet still, the vast overwhelming majority of viral infections are in Windows computers. It is a rare case that ether Linux or MAC OS are infected for whatever reason. It makes good business sense to use a non-MS OS. I use ether Linux or MS on my computers. The file server is Linux and so is my personal computer. The only computers that have had problems had MS on them. Go figure.
I made the switch to Linux a while back when I realised it was not possible to secure any windows machine. you can lock them down all you want the crackers are always so far ahead that it makes not difference.
If as an individual I made this decision I cannot understand why so few companies do the same. I can understand my aging mother and her kind sticking with windows but cannot understand why any one else would.
I heard a lot of praises for Windows 7 and it is expected since each release of windows has been more secure. however, I am still not trusting a single windows machine. If I am in a pinch and has to use a windows machine for anything other than casual web browsing I change any password I used as soon as I get back to one of my trusted boxes. My wife though I was paranoid until her her laptop with Vista got infected with a root kit and some other nasties late last year. the up to date antivirus software made no difference.
It is time for Google and eat their own dog food. If they are so good in Linux it is about time to live with it. It is just as simple as that. It seems they are not the only one but they are perhaps more vocal than others who do not want to get in Microsoft's cross-hair.
Linux isn't immune, nor is Mac OS X. But they both start from a different premise than WIndows.
In Linux/Unix (inc. Mac OS X) an admin user does not have root privilege. Certain users can get it, but no-one runs that way (and no default install works that way).
In Windows the "main" user runs as root. Yes - I know it's possible (although difficult depending upon which version you have) to restrict it a bit, but this is the essence.
THIS is the day-zero MS "fail" that has enabled so much misery. And so much money to scammers, Symantec and McAfee
Technically Linux is just the kernel program. It's the Linux distributions people use that are likely to be secure relative to Windows. And occasionally not: Puppy Linux used to have the default desktop user running everything as root a few years ago, but too few people used it for many to notice. Also if and when world + dog are using Linux and point and click Linux executables are therefore in a high proportion of dodgy emails and on most compromised web servers, Linux distros won't then be very secure unless the browser and desktop middleware ensure each such executable can only be executed or installed easily inside its own disposable sandbox.
"Using Windows without a brain is like Playing Russian Roulette"
There, that's better.
Now, I'm not saying that Windows is secure. Dear God, no. But I am sitting behind a hardware firewall with a non-IE browser as my default and I haven't had a problem in years. Of course, I'm intelligent enough not to click on any "super funny video HERE" or "check out (latest chick name in the spotlight) nude pics HERE" link that happens to continuously find its way into my mail.
No, not even when a friend of mine sends it to me. If that happens, I phone my friend and tell him that he's got a virus on his system.
Oh yeah, and I don't use Outlook or MSN either. Or FaceBook, or MySpace, or any other "social network" thingy.
In other words, when running Windows you can avoid attacks if you approach your keyboard and mouse like you would a rabid lion.
I'd gladly go to a Linux platform, really, but I'm a gamer, so no choice there.
"In other words, when running Windows you can avoid attacks if you approach your keyboard and mouse like you would a rabid lion." .... Pascal Monett Posted Wednesday 2nd June 2010 09:37 GMT
:-) Thanks for that gem, Pascal.
A move to ChromeOS makes sense - why pay licenses to use a competitor's product? It is also a bit much to expect others people to adopt any given OS if it isn't widely adopted in-house. Car manufacturers follow this thinking - BMW don't buy Mercedes company cars, for instance.
Given recent disputes with Apple, the choice of Mac seems a bit strange but maybe they are thinking that as Mac can run MS Office but is "unix in disguise", it represents an intermediate step in migrating users from Windows and towards Chrome OS.
"In Windows the "main" user runs as root. Yes - I know it's possible (although difficult depending upon which version you have) to restrict it a bit, but this is the essence."
I am using Windows VISTA (and have been using XP) to develop software, write documents and surf the web. No "Admin" user required whatsoever.
The problem are the lazy and ignorant user community of Windows, not the technology itself.
I have just posted similar comments on Techme and Techrepublic but here goes as with all of windows systems they have for a long-time used the premise that by adding updates masquerading as security they have been able to gain greater and greater control of the statistics produced by your surfing. Instead of just saying like so many other companies including google do you want to share, when you say the word NO ! they still find a way. Even down to suggesting a piece of software to allow you a choice of browser as an option ? Really l already use google chrome and will continue to use googlechrome browser. It self patches and when you have a problem it automatically covers your back, providing you share they offer you more and make surfing better.
I know someone will say that is why they use the statistics, but l tried updating windows and adding the new security patches and packs and all it did was enable a lot of exe`s in my firewall even when l said allow once or block and then a massive attack l was not even aware of and it took me days to clean my system.
SO I SAY WELL DONE GOOGLE AND EVERYONE ELSE SHOULD DITCH THEM AS WELL.
Surely replacing windoz boxes with Macs is an expensive way to go about it since the same spec of Mac is at least twice as expensive as the equivelent Windoz pc? I know google aren't exactly short of cash but if its going to be replaced with a chrome os install at some point why not just install some flavour of linux on a Windoz box until chrome os is ready for a full rollout?