Win7 machines harder hit by infection as VXers change tactics Win7 infection rates rose during the second half of 2010 even as malware hit rates on XP machines declined, according to official statistics from Microsoft. The latest edition of Microsoft's Security Intelligence Report shows an infection rate of four Win7 PCs per 1,000 in the second half of 2010, up from three Win7 PCs per 1, …
From the text is seems to be more correct to write "INFECTED POPULATION of four Win7 PCs per 1,000" --- for an infection rate you must have a time unit (per hour exposed? per month? per year? --- it cannot be that because then the later statement that it has fallen for XP over the same period would be nonsense).
But anyway the newsflash is of course "more viruses on 6month old PCs than when new out of the box". Who'd have guessed?
From the article, it seems that the rate is *new* infections per 1000 machines per six months. So it's not about computer age. The message seems to be that the average XP machine has a 14/1000 chance of getting infected in six months, while a Win7 machine has a 4/1000 chance of getting infected in six months.
Of course you can be "more immune" - both individually (degree of immunity), and as a population (rate of immunity). You can also be hyper-immune or immune-deficient: immune deficiency may be due to "depressed immunity" or atypical immune reaction.
Normal vacination programs aim to achieve "effective immunity", but if, for example, you do not complete a series of vacinations, you may be left with a low level of immunity, which may only effective in preventing disease from low levels of infective challenge.
I take your point however immunity does in fact vary, individuals immune response varies as does the amount of infectious agent they are subjected to. So generally a person can't be said to be just immune or susceptible but will form part of a distribution when the population as a whole is measured.
This post has been deleted by its author
To the two people who say this is a reason to stick with XP; I'm just going to cut and paste a couple of lines from the second and third paragraphs of the article:
"infection rate of four Win7 PCs per 1,000"
"infection rates for Win XP SP3 machines [are] 14 per 1,000 PCs"
Were we reading the same article?
Thanks for the absolute and relative infection numbers John. This is exemplary technical writing!
Did the "old guard" IT chaps on here forgot their reading glasses before posting?
As it stands today:
Windows XP 14 in every 1000 are infected
Windows 7 4 in every 1000 are infected
So no, according the data published in the article you are posting on it would appear XP is piss poor security wise.
Who would have thought it hey?
"Microsoft records a massive fourteen-fold rise in Java-based attacks during Q3 2010, as miscreants sought to exploit a pair of vulnerabilities prevalent at the time. These two vulnerabilities (CVE-2008-5353 and CVE-2009-3867) accounted for 85 per cent of all Java exploits detected in the second half of 2010."
Well, there's a shocker. Why do people use Java, again? Speed? No. Stability? No. User experience? No. Portability? Sort of. I guess. As long as you have the exact right JVM version and that version is compatible with your other Java apps.
I loved Java when I was a student and hadn't yet had to use it for anything serious. Now I loathe it. I can see how it might be useful in some fringe cases where running under multiple OSes is a top requirement, but you can't do a web app, and these two requirements are so hard to work around that you are willing to end up with a bog-slow crappy-looking app that sometimes crashes and might require a huge download before you can install it.
As a Java Swing dev of many years, I can confidently say you're talking (mostly) BS about Jsva
Speed?
- Startup has been massively improved with the quickstarter (some update in version 6). Sunacle are doing great stuff modularising Java which will make for more significant gains.
- Runtime speed is and has been for years more than good enough, IMO this claim is rubbish.
User Experience?
- if you mean startup speed then I think that's covered above
- if you mean general usability then that's down to the developers designing rubbish; Swing has any component you like, there's commercial component libraries. You can (and I have) write custom components to do anything. The apps can be skinned, etc
Security? I'm no expert in this area, but java has had it's security model baked in since day one, but I can't be bothered to research it. It's never been an issue.
On the positive
- Massive libraries are available, today, for any area
- 50%+ of webservers run on Java; are they all wrong?
- many investment banks in the City run on Java Swing, and they have quite hard real-time aspects.
- the online MMRPG "Runescape" runs as Java.
Java and Swing is still productive though I admit it's getting long in the tooth. Banks are starting to move to .net.
I am quite excited by Java FX 2, the new Oracle version. Amazing potential including startup times of about s second!
So, in summary, check your facts before trotting out the same tired "arguments".
If you look around the room and don't see a problem, the problem is you. The speed and stability of Java apps is *always* inferior to apps developed natively for a given platform. The UX aspect does depend on the developer, but apps developed in Java are typically uglier and possessed of fewer features than apps developed using Flash, Flex, or .Net. If you want to know about how useful a platform is, don't ask a developer, ask a user. What is the end result like for the person who actually has to use it? In the case of Java, it's crap.
As to your other points:
More than 95% of all desktop PCs run Windows, and yet Register readers waste no time dropping their Cheetos to lambast Windows, so majority share is clearly meaningless. Appeal to numbers or the majority is a sucker bet. I also work in financial services, and using financial services software as a reference for quality code (especially the leaky, buggy, bloated Java-based disasters used to run financial Web application software) does not win you any points; in fact, it goes much further to demonstrate *my* assertion. Referring to an obscure MMO also doesn't help.
I use Java apps *every day*, and *every day* I have reason to complain about doing so. Check *your* facts and stick your head up out of your cube. Talk to the people who actually have to *use* your software (without letting them know you're the developer) and find out what they *really* think!
I find a lot of Clickpotato infections in Windows Downloads folders, on client computers, indicating that people are installing it with programs that they are willingly downloading? This doesn't generally depend on any security exploits (other than evading antivirus detection), just peoples' willingness to install any crap from the Internet.
Perhaps these dodgy adware, toolbars, security scans and browsers that appear with just about every free download should be banned - or at the very least require a tick to opt in, rather than an untick to opt out.
Sure you have three time more chance to be infected than with Win7 but, when you consider that the current PCs are an ocean of space for XP, part of the infections rely upon java-based services and the stupidity of the users, then a not so tech-savy user can afford to stick to XP.
Unfortunately XP will run out of protection in the long term, in this sens Win7 is a rather good successor, but the next Win will eat all the place again. So why having a better secure OS if it is too low too heavy to be useless ?
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
