Questions

Why is Windows often perceived to be more vulnerable to attack than other?

+
1 Votes
Locked

Why is Windows often perceived to be more vulnerable to attack than other?

latonyamcbrady
Why is Windows often perceived to be more vulnerable to attack than other systems, such as Linux and Mac OS?
  • +
    8 Votes
    OH Smeg

    Windows isn't often perceived to be more vulnerable it is More Vulnerable.

    The OS and Data as well as any programs are all on the same partition with no separation and user rights are nonexistent as far as Windows goes even with UAC it is still way too limited in what it can stop happening.

    Any service can run no matter what it does without question from the Kernel it just needs the trigger to run and it's going to run no matter if it's needed/wanted or not.

    Microsoft at best made a Platform that was barley Good Enough to do the job when there was no Internet involved it has only even being playing catchup to what a Secure System is since that time.

    Add to that the vast majority of Windows Systems are run as Administrator and you have next to No Security at all.

    Col

    +
    0 Votes
    ariesghost

    Thats odd, I run a windows base machine and have *never* had a virus. Nice try at the FUD.

    +
    0 Votes
    HAL 9000 Moderator

    So what else besides Windows do you have loaded?

    The question here was not is it possible to Harden a Windows System but

    Why is Windows often perceived to be more vulnerable to attack than other?

    Many people forget that Windows is not a AV Product on a Hardened OS Install and Safe Surfing it is just Windows and it does very little.

    I know people who love ME and think that Y2K, XP, Vista & 7 are retrograde steps but that doesn't mean that ME was Great just that some people liked it more than other Microsoft Offerings.

    So if you have been lucky enough to just use Windows on the Net without Hardening and have not got any Infections More Power to you but you are not A Normal User.

    The same as the Seller who sold a copy of Norton's 360 to a Apple Mac User and then refused to give a refund because they sold them the wrong software. The User should have know better.

    The reality however is that the majority of Users don't know anything about Computers and treat them as a Appliance which is cheaper to replace than repair when it goes wrong.

    Col

    +
    4 Votes
    john.a.wills

    Perhaps you are right, but I have always thought that Windows security problems were like Boeing crashes: at the time people were blaming Boeing, back in the1970s, there simply were more Boeing planes in the air, and now there are more Windows PCs in operation.

    +
    0 Votes
    HAL 9000 Moderator

    While you are sort of correct here John.

    Yes Windows has the biggest user base so it's more attractive to the Nasties it basically is a very poor design and Security has been sacrificed for Ease of Use.

    Just notice how every Security Improvement that M$ has ever introduced is always followed with Howls of Protest about how much harder things are to do.

    Then add in the Actual Users who want Easy Not Secure and that's the next step.

    But basically while the End Users are not overly interested in Security till they get Hit the Basic Design of the OS is a problem to begin with.

    Col

    +
    5 Votes
    databaseben

    windows for the most part is secure.

    however, the hackers and malware writers target windows because it is by far the most popular o.s. and used all over the world.

    +
    2 Votes
    rob

    Willie Sutton could have answered this. That's where the users are.

    +
    4 Votes
    robo_dev

    The same Windows features that let your grandma easily watch YouTube and install her own printer make it 100 times easier for malware or attackers to 'own' poor old grannies PC.

    Let's back up a bit to think about the mainframe....the only code that gets installed is what developers write, and it takes like ten people an entire weekend to install code on the beast. It that platform secure from malware-related- security issues? Of course...you just cannot get there from here.

    Similarly, a Sun Solaris UNIX server is somewhat similar in terms of process isolation and tight controls around privilege escalation. It's real unlikely that a UNIX programmer is going to surf the web on the Solaris host or install a game he downloaded from the Internet. Even if he did download a game with a worm in it, UNIX boxes are fairly simple to secure, so it's not real likely that the worm is going to 'get root' and run with it.

    Now, to be fair, we have to split the discussion between Windows SERVERS versus WORKSTATIONS, but to keep to the server discussion, Windows 2000 came configured WIDE OPEN, and only Windows 2003 came with services such as FTP and IIS shut off.

    But even today, installing a fresh Windows 2008 server involves about thirty hardening steps and also requires the install of IDS, AV, and even patch management software in order to keep it secure.

    The point to all this is that the ease-of-use and backwards compatibility features create HUGE security issues for Windows machines, and the OS has SO MANY features that it has lots of attack vectors that need to be considered and patched. It's code is so large and complex it's like defending the borders of Russia from attack....it's a very tough task.

    +
    0 Votes
    jallis

    Another factor to consider in my opinion is the makeup of the user base. Windows is the de facto entry level OS. So there is a base of newbie users who will never advance their skill level in maintenance. These are the folks that do not run updates, do not maintain protection, etc. creating an extra level of vulnerability. Linux and Mac users are a specialty group, more inclined to be technically savvy.

    I guess not just one reason but a "Perfect Storm" of factors at play.

    +
    1 Votes
    OldGrayWolf

    Not a programmer, not a developer, not a systems manager but a mere end-using 'old lady' working on a middle-aged Dell with the ancient Windows XP Pro... That's why this granny uses her own little arsenal of AV and anti-malware programs and runs them appropriately (often). I will admit that I have picked up one virus in seven years...and recognized it's influence on my system immediately...and tracked and killed it. Like driving a motor vehicle, ya just have to pay attention to the traffic and the laws--and learn defensive driving. I just sit back and laugh at the ongoing tug-of-war between the various OS users; it's very interesting to 'listen' to the opposing sides...quite the education for an amateur like me. Thanks.

    +
    1 Votes
    mjd420nova

    All those who do the nefarious things on the web, are going to go after the easiest first to support the research needed to go after the hard ones. Apple products make users feel too safe when numbers are compared but that doesn't take in the proliferation of X86 machines. Some don't bother to take even simple measures to prevent intrusions thinking they are beyond the direction or needs of the attacker.

    +
    1 Votes
    Who Am I Really

    is sitting in the chair;

    the secondary problem is the default settings of nearly everything is open

    the average user who doesn't know the difference between .doc & .exe
    would not tolerate a closed / locked down system that they'd have to learn how to open so they can use it in "everything just works" mode

    this is evident in the thousands of "how do I bypass the admin." questions all over the net when kids and employees try to do stuff on school / company systems that they can do at home but the IT dept. has locked out on their equipment

    and was one of the reasons for the backlash against UAC

    thus it's up to the power user to learn how to close down and secure it at home

    I've used winders from 3.10 to present and never had one virus
    had many infected machines given to me
    but never contracted anything from my own usage of my own systems
    one reason is I close up or disable as much unnecessary junk as possible without rendering the system inoperable
    though it would be difficult for the average user to use my system with the config. settings I use, I have no problem using it

    +
    0 Votes
    robo_dev

    I've never considered myself to be a security hole :) , but I have been called worse things.

    Your point is that a really skilled user can make Windows secure. The other side of that argument is that users should not have to have advanced security skills to use a computer.

    Thus a Macintosh with default settings and no AV software whatsoever is equivalent to the most locked-down and protected PC with 15 different AV packages installed.

    If Windows were a car, it would come standard with no brakes, no airbags, and no locks on the ignition or doors.

    It's really a business decision to make it purposely insecure; companies like McAfee or WebRoot would be driven out of business if Windows came standard with locks, brakes, and airbags.

  • +
    8 Votes
    OH Smeg

    Windows isn't often perceived to be more vulnerable it is More Vulnerable.

    The OS and Data as well as any programs are all on the same partition with no separation and user rights are nonexistent as far as Windows goes even with UAC it is still way too limited in what it can stop happening.

    Any service can run no matter what it does without question from the Kernel it just needs the trigger to run and it's going to run no matter if it's needed/wanted or not.

    Microsoft at best made a Platform that was barley Good Enough to do the job when there was no Internet involved it has only even being playing catchup to what a Secure System is since that time.

    Add to that the vast majority of Windows Systems are run as Administrator and you have next to No Security at all.

    Col

    +
    0 Votes
    ariesghost

    Thats odd, I run a windows base machine and have *never* had a virus. Nice try at the FUD.

    +
    0 Votes
    HAL 9000 Moderator

    So what else besides Windows do you have loaded?

    The question here was not is it possible to Harden a Windows System but

    Why is Windows often perceived to be more vulnerable to attack than other?

    Many people forget that Windows is not a AV Product on a Hardened OS Install and Safe Surfing it is just Windows and it does very little.

    I know people who love ME and think that Y2K, XP, Vista & 7 are retrograde steps but that doesn't mean that ME was Great just that some people liked it more than other Microsoft Offerings.

    So if you have been lucky enough to just use Windows on the Net without Hardening and have not got any Infections More Power to you but you are not A Normal User.

    The same as the Seller who sold a copy of Norton's 360 to a Apple Mac User and then refused to give a refund because they sold them the wrong software. The User should have know better.

    The reality however is that the majority of Users don't know anything about Computers and treat them as a Appliance which is cheaper to replace than repair when it goes wrong.

    Col

    +
    4 Votes
    john.a.wills

    Perhaps you are right, but I have always thought that Windows security problems were like Boeing crashes: at the time people were blaming Boeing, back in the1970s, there simply were more Boeing planes in the air, and now there are more Windows PCs in operation.

    +
    0 Votes
    HAL 9000 Moderator

    While you are sort of correct here John.

    Yes Windows has the biggest user base so it's more attractive to the Nasties it basically is a very poor design and Security has been sacrificed for Ease of Use.

    Just notice how every Security Improvement that M$ has ever introduced is always followed with Howls of Protest about how much harder things are to do.

    Then add in the Actual Users who want Easy Not Secure and that's the next step.

    But basically while the End Users are not overly interested in Security till they get Hit the Basic Design of the OS is a problem to begin with.

    Col

    +
    5 Votes
    databaseben

    windows for the most part is secure.

    however, the hackers and malware writers target windows because it is by far the most popular o.s. and used all over the world.

    +
    2 Votes
    rob

    Willie Sutton could have answered this. That's where the users are.

    +
    4 Votes
    robo_dev

    The same Windows features that let your grandma easily watch YouTube and install her own printer make it 100 times easier for malware or attackers to 'own' poor old grannies PC.

    Let's back up a bit to think about the mainframe....the only code that gets installed is what developers write, and it takes like ten people an entire weekend to install code on the beast. It that platform secure from malware-related- security issues? Of course...you just cannot get there from here.

    Similarly, a Sun Solaris UNIX server is somewhat similar in terms of process isolation and tight controls around privilege escalation. It's real unlikely that a UNIX programmer is going to surf the web on the Solaris host or install a game he downloaded from the Internet. Even if he did download a game with a worm in it, UNIX boxes are fairly simple to secure, so it's not real likely that the worm is going to 'get root' and run with it.

    Now, to be fair, we have to split the discussion between Windows SERVERS versus WORKSTATIONS, but to keep to the server discussion, Windows 2000 came configured WIDE OPEN, and only Windows 2003 came with services such as FTP and IIS shut off.

    But even today, installing a fresh Windows 2008 server involves about thirty hardening steps and also requires the install of IDS, AV, and even patch management software in order to keep it secure.

    The point to all this is that the ease-of-use and backwards compatibility features create HUGE security issues for Windows machines, and the OS has SO MANY features that it has lots of attack vectors that need to be considered and patched. It's code is so large and complex it's like defending the borders of Russia from attack....it's a very tough task.

    +
    0 Votes
    jallis

    Another factor to consider in my opinion is the makeup of the user base. Windows is the de facto entry level OS. So there is a base of newbie users who will never advance their skill level in maintenance. These are the folks that do not run updates, do not maintain protection, etc. creating an extra level of vulnerability. Linux and Mac users are a specialty group, more inclined to be technically savvy.

    I guess not just one reason but a "Perfect Storm" of factors at play.

    +
    1 Votes
    OldGrayWolf

    Not a programmer, not a developer, not a systems manager but a mere end-using 'old lady' working on a middle-aged Dell with the ancient Windows XP Pro... That's why this granny uses her own little arsenal of AV and anti-malware programs and runs them appropriately (often). I will admit that I have picked up one virus in seven years...and recognized it's influence on my system immediately...and tracked and killed it. Like driving a motor vehicle, ya just have to pay attention to the traffic and the laws--and learn defensive driving. I just sit back and laugh at the ongoing tug-of-war between the various OS users; it's very interesting to 'listen' to the opposing sides...quite the education for an amateur like me. Thanks.

    +
    1 Votes
    mjd420nova

    All those who do the nefarious things on the web, are going to go after the easiest first to support the research needed to go after the hard ones. Apple products make users feel too safe when numbers are compared but that doesn't take in the proliferation of X86 machines. Some don't bother to take even simple measures to prevent intrusions thinking they are beyond the direction or needs of the attacker.

    +
    1 Votes
    Who Am I Really

    is sitting in the chair;

    the secondary problem is the default settings of nearly everything is open

    the average user who doesn't know the difference between .doc & .exe
    would not tolerate a closed / locked down system that they'd have to learn how to open so they can use it in "everything just works" mode

    this is evident in the thousands of "how do I bypass the admin." questions all over the net when kids and employees try to do stuff on school / company systems that they can do at home but the IT dept. has locked out on their equipment

    and was one of the reasons for the backlash against UAC

    thus it's up to the power user to learn how to close down and secure it at home

    I've used winders from 3.10 to present and never had one virus
    had many infected machines given to me
    but never contracted anything from my own usage of my own systems
    one reason is I close up or disable as much unnecessary junk as possible without rendering the system inoperable
    though it would be difficult for the average user to use my system with the config. settings I use, I have no problem using it

    +
    0 Votes
    robo_dev

    I've never considered myself to be a security hole :) , but I have been called worse things.

    Your point is that a really skilled user can make Windows secure. The other side of that argument is that users should not have to have advanced security skills to use a computer.

    Thus a Macintosh with default settings and no AV software whatsoever is equivalent to the most locked-down and protected PC with 15 different AV packages installed.

    If Windows were a car, it would come standard with no brakes, no airbags, and no locks on the ignition or doors.

    It's really a business decision to make it purposely insecure; companies like McAfee or WebRoot would be driven out of business if Windows came standard with locks, brakes, and airbags.