You mean there are nasty people out there who want to do nasty things to me & my PC?
Malware and unwanted software made strides in the first half of 2008, according to the latest security intelligence report from Microsoft, which tallied a 43 percent increase in the number of programs exorcised by the company's malicious software removal tool. In the first six months of this year, there were some 62 …
...imagine the results if they looked for more types of malware?
I'm a systems administrator and regularly see malware on users' PCs. However, none of it is ever discovered by the Microsoft application in question. Maybe they should try checking for a few more. Also, the whole process seems rather mysterious - why can't they be more open about it?
"To us, the data is evidence that users who use a firewall and anti-virus program and patch both Windows and third-party applications religiously aren't at much more risk than users of other platforms."
How on Earth do you get to that conclusion?! In your report there is no talk on the effect of having a firewall or not, nor do you mention the patch level of the systems discussed. Yet, you think that 3 infections per machine on average over 6 months is no worse than any other OS. Come on, this is complete twaddle!
My three machines (2 Linux and one Mac) had no infections over the same period. That's nine infections less than the average. I know which OSes I'm sticking with...
"the data is evidence that users who use a firewall and anti-virus program and patch both Windows and third-party applications religiously aren't at much more risk than users of other platforms."
And who are those users?
The missing phrase from that quoted passage is the continuation:-
"...than users of other platforms who take no precautions other than using other platforms."
"Yes but their data also shows that 100% of vulnerabilities exist only on MS based systems."
Really? No other operating system or application has *any* vulnerabilities?
Thems just after 2 minutes quick look on el reg. Yes Windows systems are attacked more because there are more of them and therefore it is "relatively" (i.e. cost effective) easy to do so. I imagine if Apple OSX or Ubuntu or *whatever* was the major desktop system in use by the majority of the known universe then it would become more cost effective to target that. Unless of course you are sticking to your implied statement that ONLY windows has vulnerabilities?
Tux because nothing will ever beat this system
Yes, it's true that you're exceedingly unlikely to get any malware on your computer if you're not using Windows. This is a given. Redmond apologists like to say that this is only because there are more Windows boxes than any other kind, and that if some other operating system were as popular as Windows then it would have the same problems; this is untrue for a number of reasons, many of which relate directly to the technical design decisions made in the early days of Windows, but that's neither here nor there.
Security folks often tend to look to the box for defense. Run antivirus software, the common wisdom is. Run firewalls. Good advice, to be sure, but the fact of the matter is that this will never provide an adequate defense. Malware changes too rapidly for AV vendors to keep up with, and firewalls defend against worms but not against malware that comes in from the browser or through email.
What I'd like to see is more attention focused on the supply side, not the demand side, so to speak. Where is the malware originating? Surprisingly often, from compromised Web sites (SQL injection attacks, anyone?), from compromised blogging and forum software hosted on Web sites (dear God, somebody, please make the insecure installations of phpBB go away!), and from sysadmins and ISPs that just don't give a toss.
Case in point: a free phpBB service called setbb. At any given time, this "service" has anywhere between 29,000 and 48,000 redirectors on it that lead the unwary to W32/Zlob droppers; as of last Friday, a rough estimate I've made suggests that 1 in every 4 forums hosted on setbb is infected with a redirector that leads visitors to malware droppers. I've spoken to the Web host for the site; their position is "Well, we're aware that there's a serious problem here, but technically they're not violating our AUP because technically they're not hosting copies of the malware, only redirectors to it. So we're not going to do anything."
Another classic example: news sites which use internal redirection scripts that are insecure and don't check referrers. I've seen people hijack these redirectors by seeding Google with popular keywords linked to a news redirector that leads to a malware site, something like
Since Google recognizes "somenewscompany.com" as a news site, these redirectors appear in keyword searches within Google News. It's trivial to write redirector scripts that check the browser's referrer to prevent this sort of thing, but few sysadmins seem to do it.
I'd like to see a little more focus on the distribution side, not the desktop. If ISPs become more proactive about policing their systems (seriously, guys, it's not all that hard to do), if site owners were given a goose to keep their sites more secure (how about their host levying a fine on anyone who runs insecure software on their site if the software gets hijacked?), if people would guard against SQL injection (really, in this day and age, ANYONE who does not sanitize user input to guard against SQL injection needs to be taken out behind the chemical shed and shot!), we'd do a lot more to solve the problem than this desperate rearguard "clean up the box after it's been pwnd" nonsense.
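The referrer check for redirector scripts mentioned in the comment above, as an added example that is not part of the thread or any site's real code: a redirect decision that refuses requests not arriving from the site's own pages and, going one step further than the comment, pins destinations to an allowlist because the Referer header is client-supplied. The host names, `SITE_HOST`, `ALLOWED_TARGETS` and the `decide_redirect` helper are assumptions made for illustration.

```python
from urllib.parse import urlsplit

SITE_HOST = "news.example"  # assumption: host that serves the redirector
ALLOWED_TARGETS = {"partner.example", "cdn.example"}  # assumption: approved outbound hosts

def _host(url):
    """Hostname of an absolute http(s) URL, or None if it is not one."""
    # Reject control characters, spaces and backslashes before parsing:
    # they enable header injection and parser-confusion tricks.
    if not url or any(c <= " " or c == "\\" for c in url):
        return None
    try:
        parts = urlsplit(url)
        host = parts.hostname
    except ValueError:
        return None
    if parts.scheme not in ("http", "https") or not host:
        return None
    return host.lower()

def decide_redirect(target, referer):
    """Return (status, location) for a request like /go?url=<target>."""
    # Referrer check: only follow links clicked on the site's own pages,
    # so a link seeded in a search index gets no redirect.
    if _host(referer) != SITE_HOST:
        return 403, None
    # Referer is client-supplied and can be forged or absent, so the
    # destination is also pinned to an allowlist.
    tgt = _host(target)
    if tgt is None or (tgt != SITE_HOST and tgt not in ALLOWED_TARGETS):
        return 403, None
    return 302, target

# Constructed sample requests: (target, Referer header)
SAMPLES = [
    ("https://partner.example/story", "https://news.example/front"),
    ("https://partner.example/story", "https://search.example/?q=keyword"),
    ("http://malware.example/dropper", "https://news.example/front"),
    ("https://news.example@malware.example/", "https://news.example/front"),
    ("https://partner.example/story", None),
]

def run_samples():
    return [decide_redirect(t, r)[0] for t, r in SAMPLES]

if __name__ == "__main__":
    for (t, r), status in zip(SAMPLES, run_samples()):
        print(status, t, "<-", r)
```

Browsers and privacy tools sometimes strip the Referer header, so this check fails closed: a legitimate click without a referrer gets a 403, not a redirect.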
I use Windows, and Vista at that. I do patch regularly. I have firewall and AV. I don't expect it to keep me safe, so I try to be careful when browsing. I've had an XP computer for the past few years, and done the same. I can't remember the last malware/virus infection I had. Then again, I've also used Ubuntu for the past year, and liked it a lot. Didn't get any viruses on that either.
Maybe I'm just lucky.
Penguin, save me from the flamers!