Had plenty of hot fixes from Redmond do great and terrible things to their own OS, services and client software (I'm looking at you Office/Exchange/IIS)!
I would proffer the following -
2a - the fewer services you lay on any OS the more stable it is.
Discussion on:
View:
Show:
No matter what anti-virus one uses, it certainly is just a matter of time before their machine becomes infected (item #3). Without a proper backup (item #5), your data is quite possibly lost for good. Seems that most folks (and businesses) feel that the right approach is to gamble with their data. The "so far, so good" approach. With the recent news of many companies having been hacked and their data compromised such as Linkedin, and that gaming company, Blizzard, for example, I'd think people would sit up and take notice. Maybe.
... until my PC is infected? I've been waiting about 19 years now for this "inevitability" and it still hasn't occurred.
With this attitude, "for how long". Welcome to an unknown unknown.
Research suggests about 80% of Windows machines are infected.
Research suggests about 80% of Windows machines are infected.
What percentage of Linux machines would you say are infected? :-D
I run Kubuntu on my work laptop (my business reason is that I need Eclipse, which is happiest in Linux). I run ten different Linux devices at home.
All squeaky-clean, and not just because Linux is a better OS. Social engineering is still a risk, but I've received IT security training, and have passed the good advice on to my wife, who is careful and aware.
I run Kubuntu on my work laptop (my business reason is that I need Eclipse, which is happiest in Linux). I run ten different Linux devices at home.
All squeaky-clean, and not just because Linux is a better OS. Social engineering is still a risk, but I've received IT security training, and have passed the good advice on to my wife, who is careful and aware.
The install base for Linux is so small that it is not a prime target plus there probably aren't any reliable numbers since most linux users don't install anti-virus software. So, unless something breaks a linux user wouldn't know they are even infected.
Bill
Bill
And didn't he say in #7 "The Linux platform is still hindered by FUD"? I guess you must be one of those perpetratiors, or you're simply one of those reicked into believing that long trotted-out piece of FUD. Linux is secure because it's *designed* to be secure, while MSWindows is hackable because it's designed to be hackable.
I like Linux and use it quite a bit, and have done so since the earliest versions of Slackware and Red Hat. Since it's source code is public domain, it is actually les "secure" to a hacker than MS Windows "by design", however there are many very resourceful and well funded groups (mostly foriegn) who are constantly attacking the Windows platform--because that's where most of the most valuable and marketable data can be accessed .
The vast majority of recent exploits in both Windows and Linux have all been the result of insecurities in third-party applications. The difference between Windows and Linux is that the exploits quite often compromise Windows itself, allowing privilege escalation and potential major damage, whereas Linux more often limits damage to the current user's profile and privilege level.
Okay, maybe it is the OS...
Okay, maybe it is the OS...
What research are you refering to and what does Research suggests . . ." mean? I find it highly unlikely that at any given point in time 80% of Windows computers are infected.
Besides, this article is probably discussing businesses. I know of no business who has been free of malware. Some have very low occurrences, and most of those are innocuous, while others have quite high rates of infection. Those w/ little problems in this regard have the same things in common: Discipline (as in don't surf porn, or download illegally), no admin rights locally, and web content/malware filters in use.
You've been running the same PC for 19 years? I bet that thing is a nice machine.
I'm guessing you've been infected multiple times, you just never knew it.
I'm guessing you've been infected multiple times, you just never knew it.
There are 6 PCs in that timeframe, and none of them have been infected with anything. I have run scans at times to check, and they have been clean.
It's all about how you use the PC.
It's all about how you use the PC.
How did you avoid the blaster worm?
I remember doing a reinstall of windows and my PC was infected the moment I plugged in the network to install updates.
I remember doing a reinstall of windows and my PC was infected the moment I plugged in the network to install updates.
Use an already-patched PC to download the updates for off-line installation.
I've never had to re-install Windows on these PCs. If you look after it, it will run happily for years. Longest one was 7 years. It still booted in less than 30 seconds.
No matter how carefully you plan and how diligently you backup your system, the backup will NOT load!!!
But the time to learn that is when you test your backups BEFORE they are needed.
under VITA they did an audit of agencies. Unfortunately they asked the question "Are you performing backups routinely?" and left it at that. The obvious followup question should have been "Do you routinely restore/test your backups?" 
I've seen plenty of "good" backups fail to restore. If you have a business, you should be doing a business continuity test annually. We just had a customer loose an Exchange VM and the restore wasn't pretty, I'm glad someone else worked on that one.
and system recovery scenarios. Been there and got the T-Shirt!
Systems don't change as frequently, and often those changes are easier to restore. It's easy to make an image of a system disk or build a new virtual machine from a template, then apply subsequent service packs and patches. At least, easier than recovering lost user data without a backup.
I'm still waiting for my desktop to be hacked and/or infected. So far, so good, and it's running Windows!!! Please, stop digging at MS every time you post something unrelated - we all know, you hate MS and you hate Windows and you love Linux. That's OK, but your anti-MS stance needs to ease up a little.
I personally have a strong anti-terrorism stance. Terrorism has proven itself over and over to be evil.
Hey! Small world, Microsoft!
Hey! Small world, Microsoft!
The Boston Tea Party and the most of the US Revolutionary War were continuous acts of terrorism and treason (at least according to King George).
So was Indian independence. The strategy that worked came from this guy.... um... .Ghandi, I think his name was.
So much for absolutes.
So was Indian independence. The strategy that worked came from this guy.... um... .Ghandi, I think his name was.
So much for absolutes.
It's not bias, it's fact. I've been an IT pro for >15 years and I haven't seen an Internet-connected PC yet that has gone 5 years without getting infected by something. Microsoft's security has improved drastically from Windows 95, but the sheer volume of the market and the speed at which those with nefarious designs can find vulnerabilities (and the slowness with which most companies react) means that there are always going to be threats you are not prepared for. Instead of being a reactionary fan-boy, accept this reality and plan accordingly.
And by-the-way, neither Linux nor Apple are invulnerable either. In the case of Linux, they just have typically have a higher percentage of security-conscious/trained users and administrators.
And by-the-way, neither Linux nor Apple are invulnerable either. In the case of Linux, they just have typically have a higher percentage of security-conscious/trained users and administrators.
Linux users tend to be more technical, but Linux really doesn't have an install base so infection numbers are eschewed in my opinion. As for apple, it seems the more popular Mac's are becoming the more vulnerabilities are being found in Mac's which is leading to more infections. Apple also has been slow to respond to some fairly critical bugs which as a windows guy I find kind of funny.
Bill
Bill
"Linux users tend to be more technical, but Linux really doesn't have an install base so infection numbers are eschewed in my opinion."
It doesn't have much of an installation base on desktops / laptops / client systems. It's on at least as many back-end servers as Windows, and likely more. Servers also make tastier targets than clients.
It doesn't have much of an installation base on desktops / laptops / client systems. It's on at least as many back-end servers as Windows, and likely more. Servers also make tastier targets than clients.
Microsoft is the reason that sysadmins no longer have a "Wizard" status in the IT world anymore. They have created more paper sysadmins in the last 15 years that I can slap with an appropriate length of CAT5e cable.
"Oh, you're an MCSE? How cute. Now do something useful. Make mine a Venti White Chocolate Mocha."
"Oh, you're an MCSE? How cute. Now do something useful. Make mine a Venti White Chocolate Mocha."
I have multiple MCSE's, CCNA/CCDA, and other letters after my name. Pooh-pooh as you like, I run a Public Safety network with 15 or so varied and complex systems, and I've worked on major upgrades for the US Navy and large organizations. These are all top dollar positions, and they ALL specified certifications, especially MS, in their job postings - as do most of the better job opportunities out there today. Earning "paper" can be an empty achievement; it can also teach a person how to dig in, focus, troubleshoot, and research. By the way, a lot of that "edification" stuck - and I've solved some obscure and esoteric problems using what and how I learned. The article is right - keep learning, if you want to stay fluent, flexible, and marketable. I'm prepping to test out, yet again.... only hitch is, I think my brain is almost full...!
are no use, but the training and learning when done properly are good, I only have a win 7 cert so have limited experience, I would get more but the time and cost compared to the short life cycle they have is a bit daunting and putting me off getting any more.
11. Companies rarely if ever spend enough time and money to properly QA their product. That is why more often than not their is a 'patch' shortly after release. They depend on the users to 'test' the software and report back the bugs - free labor.
12. Support agents rarely get trained properly or in time to support a product. The companies rely on you, the user, to work with them to provide 'on the job' training as they resolve your issues. That is why often times an agent acts 'stupid' about a product.
13. Companies don't really want to provide support. The regard it as an expense on their balance sheet. That is why they set up 'user forums'. Its call the 'Big Boy' warranty - "your a big boy now; fix it yourself."
14. Often times companies come out with a new version, mostly bug fixes, with a few interface changes, or a couple of 'new' features that should have been included in the first place. Why? To get the customers to pay for the bug fixes.
15. Many companies don't really care if their product works or not just as long as you buy it and they don't get bad publicity or reputation for releasing garbage. If this was not the case why the disclaimers in the license agreements that the product is sold as is; you use it at your own risk; and they are not responsible if any bad happens because you use the product.
16. Some companies rush product out the door when it is not ready for release just to get it out before a competitor does or to improve cash flow.
17. Many companies do not insist that their programmers document their code. So when the programmer leaves the company the staff that is left finds it very difficult if not impossible to fix actual bugs within the code. Instead the write a series of patches to 'fix' the bugs after they occur to make the results look right, since they can't actually fix the problem in the 'core' of the program. One of the reasons programmers do this is to try to make themselves irreplaceable. It doesn't work. Another reason is that companies do not give their programmers enough time to do it. Documentation takes time and time is money.
18. No program is perfect. All programs have bugs.
19. Tier 1 support agents many times work from scripts. They listen to what you say, type key words into a database, and read back to you the results. If you think they have no idea what you are talking about you are correct.
20. They reason for long waits for tech support, other than it costs the company money to hire an adequate number of people, is that if you reach an agent to discuss and fix a problem, most if not all the profit from your purchase is lost. They want you to get tired of waiting and hang up.
I started doing programming and tech support in 1974 and I personally have experienced all of the above as an employee of many major companies.
12. Support agents rarely get trained properly or in time to support a product. The companies rely on you, the user, to work with them to provide 'on the job' training as they resolve your issues. That is why often times an agent acts 'stupid' about a product.
13. Companies don't really want to provide support. The regard it as an expense on their balance sheet. That is why they set up 'user forums'. Its call the 'Big Boy' warranty - "your a big boy now; fix it yourself."
14. Often times companies come out with a new version, mostly bug fixes, with a few interface changes, or a couple of 'new' features that should have been included in the first place. Why? To get the customers to pay for the bug fixes.
15. Many companies don't really care if their product works or not just as long as you buy it and they don't get bad publicity or reputation for releasing garbage. If this was not the case why the disclaimers in the license agreements that the product is sold as is; you use it at your own risk; and they are not responsible if any bad happens because you use the product.
16. Some companies rush product out the door when it is not ready for release just to get it out before a competitor does or to improve cash flow.
17. Many companies do not insist that their programmers document their code. So when the programmer leaves the company the staff that is left finds it very difficult if not impossible to fix actual bugs within the code. Instead the write a series of patches to 'fix' the bugs after they occur to make the results look right, since they can't actually fix the problem in the 'core' of the program. One of the reasons programmers do this is to try to make themselves irreplaceable. It doesn't work. Another reason is that companies do not give their programmers enough time to do it. Documentation takes time and time is money.
18. No program is perfect. All programs have bugs.
19. Tier 1 support agents many times work from scripts. They listen to what you say, type key words into a database, and read back to you the results. If you think they have no idea what you are talking about you are correct.
20. They reason for long waits for tech support, other than it costs the company money to hire an adequate number of people, is that if you reach an agent to discuss and fix a problem, most if not all the profit from your purchase is lost. They want you to get tired of waiting and hang up.
I started doing programming and tech support in 1974 and I personally have experienced all of the above as an employee of many major companies.
re: item 17... I've found that most of the time it's due to the reason you stated last... That companies do not give programmers enough time to document properly. Rarely do programmers do this to look 'irreplaceable'. This is especially true when you have a team working on one project.
I have been in IT for 7 years and have yet to see a gray hair on my head.
Of course, that might be due to the fact that I dye it red regularly.
Or it may be my sense of humor that keeps me young.
Of course, that might be due to the fact that I dye it red regularly.
Or it may be my sense of humor that keeps me young.
I agree with deianeira. You (Jack Wallen) say you've been in IT for nearly 20 years - a mere beginner! I've been in IT for 35 years and although I can't say I don't have the odd grey hair, the vast majority is still a youthful brown, although the quantity of hair has decreased significantly over the years! Oh I forgot to mention that I've never dyed my hair except once for a party when I dyed it green!
It is not MS hatred, it is a fact. Windows is not designed for security, period. Look at UAC - the system just cannot figure out who or what pressed a button. Try to turn on the Windows 7 firewall. I mean turn it on in real and not marketing terms, rejecting outgoing connections, and see for yourself if Windows can be both secure a usable.
Win32 cannot be secure even in theory and Microsoft finally accepted that. WinRT can be as secure as Linux, theoretically. Being secure means that when compromised the damage is limited.
Win32 cannot be secure even in theory and Microsoft finally accepted that. WinRT can be as secure as Linux, theoretically. Being secure means that when compromised the damage is limited.
Windows is a very secure environment. The big difference is that under Unix/Linux you setup user accounts and restrictions and then leave root-account alone. Windows gives you a machine with root-account and everyone behinds the system is administrator because majority doesnt serve out user-accounts and restrictions.
is that Microsoft insists on embedding a web browser so deeply within the GUI that it can't even be uninstalled.
But only if you have upgraded it from the default version included with your version of Windows. If, for example, you uninstall IE8 from Win XP, you will be faced with IE7 when you reboot.
Once you reach the version of IE included with your version of Windows, you will find you cannot uninstall it, you can only disable it.
Once you reach the version of IE included with your version of Windows, you will find you cannot uninstall it, you can only disable it.
You can remove the icons and shortcuts, but it's still there and enabled. If you type 'IEXPLORE.EXE' at a command prompt or Run box, it will pop right up. You're stuck with a 'hot' installation of the base version that came with the OS.
No. 2,3 and 6 are not true.
I've been a solution architect and enterprise architect for various companies for over 14 years.
2 - I have seen a number of unstable MS only Windows systems, and a very large number of highly stable Windows machines with all kinds of 3rd party software. I have also seen a lot of unstable Linux machines (albeit usually running Oracle).
3 - I doubt even 5% of our Windows fleets have ever been compromised. We have rigorous testing, vulnerability scanning and security processes in place and would certainly detect just about any threat that hit us in short order.
6. We are already running 'desktops on the cloud' today on a variety of platforms, from tablets to smartphones to laptops
I've been a solution architect and enterprise architect for various companies for over 14 years.
2 - I have seen a number of unstable MS only Windows systems, and a very large number of highly stable Windows machines with all kinds of 3rd party software. I have also seen a lot of unstable Linux machines (albeit usually running Oracle).
3 - I doubt even 5% of our Windows fleets have ever been compromised. We have rigorous testing, vulnerability scanning and security processes in place and would certainly detect just about any threat that hit us in short order.
6. We are already running 'desktops on the cloud' today on a variety of platforms, from tablets to smartphones to laptops
Early on I had a tendency to just install and uninstall willy-nilly. It wasn't until I ran into problems that I learned to manually clean up after an uninstall, make sure all the unnecessary files are deleted, to check for the latest drivers (even for software), and yes, even occasionally to clean the registry. Also make sure new programs don't automatically load on startup. (Unless you really want them to run at startup -- but do you really need photoshop to run at startup so that _if_ you want to edit a photo it will pop up in an instant instead of taking a minute to load? So you're willing to wait an extra minute for startup every time you boot up? What about all the other programs on your computer? Do you need them all running in the background, eating up all that memory [however much it is]?)
That's the real reason Windows is unstable (oftentimes): people who don't know what they're doing install stuff that "helps" them by doing things automatically, and it all piles on. (There's a mathematical theorem that if you put strings in a drawer, they will knot themselves [well, that's not the mathematical wording, but the translation into everyday words -- and proof that knot theory is useful: it's not just bad luck that those spare shoelaces tied themselves together but _logical inevitability_]. Similarly, if you just put complicated programs together, they will mess the computer up (note: not proven, just asserted -- computer programs are not exactly the same as shoelaces). They have to be managed.
That's the real reason Windows is unstable (oftentimes): people who don't know what they're doing install stuff that "helps" them by doing things automatically, and it all piles on. (There's a mathematical theorem that if you put strings in a drawer, they will knot themselves [well, that's not the mathematical wording, but the translation into everyday words -- and proof that knot theory is useful: it's not just bad luck that those spare shoelaces tied themselves together but _logical inevitability_]. Similarly, if you just put complicated programs together, they will mess the computer up (note: not proven, just asserted -- computer programs are not exactly the same as shoelaces). They have to be managed.
With all due respect to symowallo (& I didn't read the whole comment), it would take a person far more risk averse than anyone I know to regularly use Windows, and have never had any virus etc! As far as I know my regular virus scanning has always found them, but, I get them! (I also use Linux a lot, and have never had a compromise on those machines, that I know of.)
This is a great tem listing. I have to add one thing about security issues though. I have been involved in the IT industry for a long time, I even remember punch cards (the food old days). Over the years I have become tougher on the security issue in relation to performance. Seriously, I am the biggest fan of Webroot's Secure Anywhere Complete. It's fast, efficient, self updating, and no BS. My real security issue is this view. In the Netherlands where I live, datacenters have sprung up like weeds. They are overpriced, and the only winner is the stake holders who own them. Because the employees work like slave drones, sometimes they wake up and get curious about the data they are dealing with. I have seen so many successful penetrations from outside sources that it is just a joke. Linux is great, Windows is my preference. Security wise, Staff that are hot shot staff should learn to shut up. When they are working, on a VPN, and the corporate headquarters is monitoring their activities, nothing is secure. I watched tickets generated for drives to be replaced. The drives are not wiped or destroyed, but scrapped into a backpack . In some cases, I have personally seen IT people showing off their findings in a coffee shop or local bar to their buddies for a laugh. Business rated or XXX-rated, companies need to protect their assets by limiting who has access to their info. Watching a server being back doored and then being told that Open Source OS's are secure at the same time is a shame. All datacenters are hack able, and thanks to their staff using social media, there are more ways in than anyone would a\ever realize. Corporate systems need to be isolated from reachable networks. Just remember that if a movie or software can be leaked out before the actual release date, so can your clients and corporate data. When one person gets a hold of such data, their whole facility is responsible and that includes the upper management who should all be black balled from the industry forever. their next job should be at a burger stand saying "Would you like to Super Size that?".
- Keyboard Shortcuts:
- Prev
- Next
- Toggle
