What will 2012 bring in terms of cyber-crime?

Discussion in 'other security issues & news' started by PJC, Dec 31, 2011.

Thread Status:
Not open for further replies.
  1. PJC

    PJC Very Frequent Poster

    Joined:
    Feb 17, 2010
    Posts:
    2,959
    Location:
    Internet
  2. vasa1

    vasa1 Registered Member

    Joined:
    May 1, 2010
    Posts:
    4,152
    We have a choice to minimize being hit directly by choosing a safer operating system.
     
  3. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    Like what, Linux? In the end, Linux is only as safe as its users choose to be themselves. Step outside the walled garden of the repositories and bets are off. Sure, the malware written for Windows won't work (provided you don't have a Windows machine on the same network), but there are a lot more attacks out there than just busting up the OS. Besides, what other choices do you have besides Linux? Mac? Mac has already been done. A smartphone/tablet? Already being hit and it's barely gotten warmed up. A "safer OS" isn't cutting it anymore.
     
  4. vasa1

    vasa1 Registered Member

    Joined:
    May 1, 2010
    Posts:
    4,152
    The point remains, that personal actions aside, there are, intrinsically, more safe and less safe operating systems. The choice is ours.
     
  5. PJC

    PJC Very Frequent Poster

    Joined:
    Feb 17, 2010
    Posts:
    2,959
    Location:
    Internet
    In terms of an alternative OS,
    I wonder how Google is going to respond to...:doubt:
     
  6. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    All OS are vulnerable just some less then others and IMO its do to market share.
     
  7. vasa1

    vasa1 Registered Member

    Joined:
    May 1, 2010
    Posts:
    4,152
    Whatever the reason, if something affords more security and allows us to do all we want, why not go for it?
     
  8. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    Agree.
     
  9. wtsinnc

    wtsinnc Registered Member

    Joined:
    Oct 3, 2008
    Posts:
    943
    I will be surprised if incidents of cyber-crime don't increase almost exponentially due to the worldwide adoption of smartphones and tablet computers which (I believe) will be more vulnerable to hacking than PCs and laptops.
     
  10. guest

    guest Guest

    And what usable (for regular folks) Linux distribution offers more security than latest Windows? Not talking about Security through minority. Also, no other platform can offer the range of compatible games and different options of apps that Windows can. Drivers are also updated more often for Windows, and the performance is generally better. Microsoft ecosystem is simply superior, and the greatest reason is: developers focus on it.

    http://www.youtube.com/watch?v=8To-6VIJZRE

    Developers! Developers! Developers! Developers! Developers! Developers! Developers! Developers!.....Yes! ~Steve Ballmer

    rofl.
     
  11. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Every single one lmao

    edit: Maybe you were just joking, I don't even know anymore. There is no argument here. Linux offers far better security than Windows and that's even ignoring security through obscurity.

    http://www.wikivs.com/wiki/Linux_vs_Windows#Security

    This is the tiniest little tip of the iceberg in terms of comparing their security. There's a significant difference in how security is handled. Something like EMET is providing attack surface but were it implemented in linux it could be compiled straight into the kernel. Welcome to open source?

    There's apparmor, SELinux, better privilege separation, far FAR better patch deployment, software repositories, open source applications are the standard, and plenty other more complex things that I can't even remember right now.
     
    Last edited: Jan 1, 2012
  12. guest

    guest Guest

    Yes there is.

    Linux kernel:
    http://secunia.com/advisories/product/2719/
    Unpatched: 6% (18 of 283 Secunia advisories)
    (also add vulnerabilities specific for the distribution and installed apps)

    Windows:
    http://secunia.com/advisories/product/27467/
    Unpatched 6% (5 of 90 Secunia advisories)
    (also add vulnerabilities specific for the installed apps)
     
  13. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Reload the page.

    Andit's hilarious that you're comparing an open source project to a closed source project in terms of disclosed vulnerabilities. I mean, even comparing two open source projects or two closed source projects in terms of number of vulns is a joke but still. Number of vulnerabilities means nothing.

    You know what's far more important? Patch management. Linux kills Windows there.
     
  14. guest

    guest Guest

  15. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Here's how you secure Windows:

    "Oh let me find an antivirus 3rd party closed source software to smack into userland and expand my attack surface."

    Here's how you secure Linux:

    "Oh let me use the 3rd party open source software compiled into my kernel to secure my computer without increasing attack surface."

    I use Windows. I love Windows. There is no comparison in terms of security. The only thing worth mentioning is that MS has smartscreen and Linux doesn't.


    I don't know what "Shared Source" is but it doesn't matter anyways. Number of vulnerabilities is irrelevant. Patch management is also not super relevant but far far more important.

    EDIT: Ah, shared source means closed source but bits and pieces have been open sourced (and some of those open sourced pieces can't be written to.)

    http://en.wikipedia.org/wiki/Shared_source

    So, yes, Windows is a largely closed source project.

    OSI president Michael Tiemann considers the phrase "Shared Source" itself to be a marketing term created by Microsoft. He argues that it is "an insurgent term that distracts and dilutes the Open Source message by using similar-sounding terms and offering similar-sounding promises".
     
  16. guest

    guest Guest

    What's wrong with patch management for Windows?

    And oh please, stop copying/pasting FUD. I won't answer nonsense.
     
  17. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Shared source is a term coined by Microsoft. It's a nothing term lol, that's not propagating fear it's calling it what it is.

    Patch management is another metric we could discuss but it's still silly because of disclosure.

    In general:
    MS has had a long history of poor patch management. It used to be 3 months average, it got pushed down to just under 3 months the next year and then 2 months the year after that. Not sure what it's at now.

    Like I said, comparing patch management between two operating systems isn't a great way to see which is more secure.
     
  18. guest

    guest Guest

  19. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Woops, walked away and forgot about this.

    I think the biggest changes Windows has made towards security are in the form of moving from a single administrative user to having multiple lower rights users. This is a move Linux never had to make - it's always been the case. edit: The significance here is that applicatoins on Windows still ask for a lot of rights and there are just, in general, more restrictions in linux.

    Pretty much every big security change Windows has made has come from Linux. Does origin matter? No, but it should really tell you something.

    I'll come up with some better more technical stuff with fancy words later.

    edit: There's also the matter of software repositories.
     
    Last edited: Jan 1, 2012
  20. vasa1

    vasa1 Registered Member

    Joined:
    May 1, 2010
    Posts:
    4,152
    And what exactly is wrong with security through "minority"? Or are there different types of "security"?
     
  21. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Obscurity isn't really great security because in any targeted attack it's entirely useless - the second someone looks at it you're screwed.
     
  22. vasa1

    vasa1 Registered Member

    Joined:
    May 1, 2010
    Posts:
    4,152
    I just love Secunia stats or rather they way they can be reported and spun. Why, we even had a massive poster here claiming that a rip-off version of a browser was safer than the original simply because Secunia had no vulnerabilities to report for the rip-off.

    For spinning, we just have to wait for the monthly browser stats to get excellent tutorials on spinning.

    And the variety of games certainly should take preference over security ;)
     
  23. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Variety of games and applications is what keeps me on Windows.

    Otherwise I much prefer access control in Linux. Integrity in Windows is nice but not nearly as fine grained.
     
  24. vasa1

    vasa1 Registered Member

    Joined:
    May 1, 2010
    Posts:
    4,152
    Don't extend the argument by introducing "really great" :D

    Are we talking of reducing the chances of getting hit or some sort of absolutist "zero tolerance" situation? In the latter case, even courier pigeons are unreliable.
     
  25. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Security through obscurity is situational security. It's not a hardened OS, it's not a hardened user, it's not even a technique or method. It is purely a situation where no one cares enough to attack you.

    Is it still security? Yep.

    The problem is that situations change easily. Security through obscurity does nothing to prevent direct attacks and the second anyone cares enough you can't rely on it anymore.
     
Loading...
Thread Status:
Not open for further replies.