In the past I would have said Linux hands down, but these days people are finding that you can be compromised and get malware no matter what OS you use. At least Windows gives end users the right tools to protect themselves, while MAC OS's rely more on the "security by obscurity" approach... many still convinced that they cannot get malware on their MACS. And hardly any tools available to protect themselves with. Given the choice, I would rather have a plethora of tools available to protect me, to go along with my ability to harden a Windows OS and get it much closer to the type of protection you'd get from one that is hardened out of the box (i.e. Linux). And of course utilize caution. But out of the box, no contest... Linux beats the rest to a bloody pulp. And I've stated my convictions before as to why I feel XP "Pro" (though not Home) can be made to be the most secure Windows OS to date, given the right set of variables. I won't go into it again, ever... just answering the question here : )
I agree. Being more or less an OS agnostic I've used XP, various Linux flavors, W7, *bsd etc and felt none were "secure enough" that no security hardenings were necessary post installation. I'm also pretty confident that I can make an XP setup more secure than a, say, untouched Linux Mint installation, and conversely, I could make the latter as secure as or more secure than the former. It's all up to the user and her/his goals.
Oh you are... you are indeed. To me anyway. You've just mentioned what would have been part of my stance in support of my answer. As stated just above, any OS can be made to be "secure enough" in the right hands. A smaller attack surface + less targeting, due to being lesser used/older can put that OS over the hump.
What environment, what required functionality, configured and maintained by whom? We have our systems (desktop and server, Windows and Linux), I have 7 years' experience working with pen testers to secure systems and software and I can tell you that every time the pen testers find something we can improve on, regardless of the OS, as security is ever changing - new threats come along and the usages of systems change. IMHO an OS is as secure as the person responsible for maintaining and configuring it. What gets me is how many people say OS A, B is best or this OS is better as it has security feature Y, but few people actually test and try their systems' security to actually prove their systems are secure, a lot of blind faith kicking around that is for sure. You can follow all the good advice on the internet, but one mistake can leave a system vulnerable. Even good advice sometimes has mistakes or won't work due to differences in system configuration or usage patterns. Cheers, Nick.
So what happens if one picks Windows XP RTM without any Service Packs? No no no, your answer is too risky.
Nothing happens, you just place the disk in your pocket and nothing will happen. Or decide to install it and not connect it to the Internet and nothing will happen. When one talks about an OS - they must always consider its very latest final public non-beta version. If you talk about Microsoft's Windows - it would be Windows 8 and nothing before it. If you talk about a certain Linux distro, it would be the last one, too. You can take even Win 1.0 - but that is not serious. Windows XP RTM which you mention was released in 2001 but its code dates back to 1999. Today is 16th March 2013. Giving an example with Windows XP even SP3 is not relevant - for sure it is not the latest and not the best from the vendor.
Mrkvonik said "Any one you choose." He didn't say "Any "very latest final public non-beta version" you choose." Also, the poll has XP and "Windows (other)" as options, as well as others.
Nothing at all happens. What is supposed to happen? It won't be the most elegant OS, but it will not get compromised just by being. You can run it smartly like any other OS. Use a basic firewall or router. Use a decent browser. Do not download crap. And that's it. Mrk
What "basic firewall" (actively developed or not) supports XP RTM? But that's beyond the point. Adding an extra basic firewall is about the same as "patching" from some perspectives. And that means XP RTM becoming something else. A router with firewall enabled is not an option for dial-up users. After connection, blaster worm will infect it automatically within minutes, probably. Especially if the connection comes from a not so great ISP.
The firewall in XP SP2. Good point, systems need to be able to be updated continuously to keep up with new security threats. An OS that does not allow 3rd party security tools, tweaking of security config would be harder to keep secure as time goes on. Vigor 2820 is one option, SMC 7004 is another. I know some Cisco routers have com ports that support US Robotics analog modems. Cheers, Nick
But that means using XP SP2, not XP RTM. Buying another device to protect XP RTM means that XP RTM itself can't be trusted, right? Which means that XP RTM is insecure to be used alone with the PC and a regular dial-up connection or even a badly configured broadband connection.
All of this, of course, considering that the user is "invulnerable" to social engineering and that he won't use the insecure IE that comes with XP RTM. But that makes me wonder, do all other actively developed browsers support XP RTM? What about Flash/Java? For how long?
Is there some restriction about installing updates to an OS? You're probably right about XP RTM (I didn't start using XP until SP2) and out of the box security. Just pointing out there are alternative ways to solve the security problem. Don't ever connect to the internet is also another. Cheers, Nick.
Mrkvonic's statement that any OS one chooses is "most secure". For this mental exercise, I supposed one picking XP RTM and sticking with it. But imagine somebody with XP RTM on dial-up (regular dial-up, without those niche devices with firewall, etc). Unless he has a CD with SP2, would it be realistic to assume that he would download and install SP2 before getting infected automatically by the blaster worm?
What MGR & Vonic say is true, but now they're being crucified due to semantics. I'd say anything from XP Pro (fully patched, with all the ones that concern you anyway), onward... can be made to be perfectly safe. Every bit as safe as Linux or whatnot, in the right hands. But I'd say the Home version of XP and older... not so much.
I think what Mrkvonic is saying is that the OS doesn't matter, a few basic tools are enough to stay secure.
That's not true (that the OS doesn't matter). The OS itself is one of the most important things when it comes to everything, including security.
The END user is the most important "thing." Not even if you use the Fort Knox security setup that I proposed on the newest most updated Windows. It doesn't matter when a user is an $#%# and will disable most of it and then install a fake antivirus because he/she didn't like Bitdefender. As the other guy said, even the most insecure OS can be made quite secure with the best tools.
And that isn't true in all circumstances. It's a bad generalization, and potentially dangerous advice as well.