WannaCrypt Makes an Easy Case for Linux

[Qchan]

With the amount of patching we do for both Linux and Windows they both always have a few screws loose.

You see, you're looking at it wrong. You seem to think patching a flaw = good security. That's not true. Let me give you an elementary example:

1) You build a house out of straw.

2) I build a house out of brick

3) A hurricane whips by and hits both of our houses.

4) All of your straw gets blown away.

5) Only one brick on my house comes loose.

6) You patch your house so that the house lasts a few minutes longer under strong winds (it's made out of straw after all).

7) I only need to patch up that one brick by making the cement more adhesive.


This is the difference between Windows and Linux. Windows is the house made of straw and Linux is the house made of brick.

 

[Chuklr]

I'm sold!!!!

 

[heatlesssun]

You see, you're looking at it wrong. You seem to think patching a flaw = good security.

Proper maintenance of IT systems isn't good security but it is part of a good security process. That's Cybersecurity 101.

 

[Lunas]

sudo apt-get update
sudo apt-get upgrade
sudo apt-get autoremove
MAYBE A REBOOT
---DONE---

Make WIndows that easy and updates will come like rain to the Sahara. Right now, patching Windows is a nightmare compared to Linux or MacOS.

can it be so hard ?

----on the other hand, that's how I make my living........DONT PATCH, let me fix your stuff when you are down, HEHE

like 1/3 of my time I bill is patching Windows and the apps running on it. No need to tell anyone about ninite...hehe

Press button check for updates let run reboot...
Or leave computer run over night does it while you sleep...

Microsoft took away stupid people's ability to turn off automatically updating the windows.

The biggest issue is some times updates break old hardware or old software that relied on process hooks that got removed or changed. And software and hardware manufacturers don't devote alot of resources to keeping those drivers and software patched and tested.

So we have billions of machines running old unpatched windows with auto update off because if it updates the 30 year old receipt printer will stop working or the card reader will stop working or the eithernet or touch panel.

Or the accounting software or this geocities style web interface won't load...
And the bank or whatever is too cheap or unwilling to fix or unwilling to pay a tech to fix issues.

Did you know windows XP still gets patches issued because so many embedded systems still run it Microsoft had to continue support for it.

You see, you're looking at it wrong. You seem to think patching a flaw = good security. That's not true. Let me give you an elementary example:

1) You build a house out of straw.

2) I build a house out of brick

3) A hurricane whips by and hits both of our houses.

4) All of your straw gets blown away.

5) Only one brick on my house comes loose.

6) You patch your house so that the house lasts a few minutes longer under strong winds (it's made out of straw after all).

7) I only need to patch up that one brick by making the cement more adhesive.


This is the difference between Windows and Linux. Windows is the house made of straw and Linux is the house made of brick.

where your analogy breaks down is Linux is not made of brick it is a Lego set or kit home you need to assemble it and it has the illusion of strength through obscurity and 3rd party support. Also Linux has bugs needs security patches too don't claim it is perfect cause none are...

Windows would be preassembled drop it on the lot your done.

Mac is a RV everything custom only fits RV parts and everything is model specific...

 

[ChadD]

I think ChadD here is taking my comments about how difficult it would be to unseat MS, as my being negative about, or attacking linux.

ChadD, I am not saying linux is a bad OS, that it isn't capable, etc. I am just pointing out that there is much more that goes into it then just having a good product.

I understood what you meant. Arguing about Linux taking over or not is a business argument not a philosophical one. I am likely not being all that clear on what I mean by replace MS either. I don't mean to say windows will go away completely. I get that they have long term contract with many companies and entities like the military. However they don't have 90% of the market because the army has a few billion dollars worth of desktops in bunkers. They have 90% because mom and pop average have windows machines at home... they used to have something closer to 95% of the market when they owned education. Now thy have less then 25% of the education market... and Google is the dominant share holder of that market. Over the next few years Google is going to invade the corporate space no matter what Heatles bank does. Dump terminals are all that is required for many companies moving to the cloud... they easier to maintain, protect, roll out and they are cheap. Google has dominated education because they are inexpensive to support... support costs are the enemy not hardware or licencing costs. Issues with a remote google terminal... issues with such machines you simply replace them... or with no local data you simply remote restore an image and done.

No I doubt Linux ever gets to 50%+ of the market... however I can see it tying windows in 5 years in the 20% range. Apple isn't likely to move far off its 10% and Google will take up the rest of the market with a combo of ChromeOS / Android and likely a ChromeOS Pro type os if needed. If google goes after mom and pop average I don't see MS holding that off. Google has been showing they are more then capable of chasing MS out of markets at this point... MS counter attacks have been years late and weak.

 

[Qchan]

Proper maintenance of IT systems isn't good security but it is part of a good security process. That's Cybersecurity 101.

It's called regularly scheduled maintenance. Patching is just a normal part of maintaining a system and keeping it fresh and new. Just like you'd maintain a car, you'd patch your system. However, this doesn't translate to a more secure OS.

 

[Qchan]

where your analogy breaks down is Linux is not made of brick it is a Lego set or kit home you need to assemble it and it has the illusion of strength through obscurity and 3rd party support. Also Linux has bugs needs security patches too don't claim it is perfect cause none are...

Windows would be preassembled drop it on the lot your done.

Mac is a RV everything custom only fits RV parts and everything is model specific...

You seem very confused by my analogy. My analogy was made quite simple: Linux was designed from the ground up to be a more secure and robust system. Windows was not. Security was an afterthought when Windows was designed. Security was put on the forefront when Linux was designed - thus the brick and straw analogy.

In other words, if you build your house to last and withstand the torrential rains and high winds, then it will stand when those disasters come. When you don't build your house to withstand those things, then your house will fall when those disasters come. It's really just that simple. I can't make it any simpler than that.

Now, if you'd like to argue that logic when it comes to Windows, then please give me a scenario where Linux is just as susceptible as Windows when it comes to specific security vulnerabilities.

 

[heatlesssun]

It's called regularly scheduled maintenance. Patching is just a normal part of maintaining a system and keeping it fresh and new. Just like you'd maintain a car, you'd patch your system. However, this doesn't translate to a more secure OS.

It's the most import reason for maintaining a vehicle is keeping safe to drive? Proper maintenance of anything is absolutely vital to safe and secure usage.

 

[lcpiper]

Uh huh... If that's the case, then how did the CIA lose over a dozen spies in the matter of 2 years by the Chinese?

Source: https://www.nytimes.com/2017/05/20/world/asia/china-cia-spies-espionage.html?_r=0

Everybody and their mothers know that the US government is terrible when it comes to cyber security. This goes as deep as the US Army, since they like to use Windows machines that are very very easily hacked. There's a reason why, during the annual Hackathon, Windows is never ever used in the competitions there.

I'll start by quoting from the news article you linked to;

Some were convinced that a mole within the C.I.A. had betrayed the United States. Others believed that the Chinese had hacked the covert system the C.I.A. used to communicate with its foreign sources. Years later, that debate remains unresolved.

Now, although there could be other explanations beyond these two, which you brought up, I'm not going to run off into a guessing game and will limit my reply to these two.

The first possible that was addressed, that it was due to a mole doesn't have a damn thing to do with hacking a classified military network and I won't dwell on the FACT that the CIA is not part of the DoD and is not military.

The second, that the Chinese hacked a "covert system" used to communicate with it's foreign sources, also is not a DoD military classified network. And I will point out that a communications system doesn't have to be computer network based at all and could have been any number of old school methods spys have used over hundreds of years to ply their trade.

You are correct that the government is terrible with security. You are also correct that windows hasn't had the best track record when it comes to being hack-able. That being said, often as not it's not really Windows that is found vulnerable but applications or other services that are running on the platform like Java and SSL. And so, this is why ALL of the military classified networks are not connected to the internet or use any common hardware that is connected to the internet which is why I will state again, no US Military classified computer network has ever been hacked.

If you are going to prove me wrong, you are going to have to dig a whole lot deeper and at least make an effort to stay on target.

 

[lcpiper]

You seem very confused by my analogy. My analogy was made quite simple: Linux was designed from the ground up to be a more secure and robust system. Windows was not. Security was an afterthought when Windows was designed. Security was put on the forefront when Linux was designed - thus the brick and straw analogy.

In other words, if you build your house to last and withstand the torrential rains and high winds, then it will stand when those disasters come. When you don't build your house to withstand those things, then your house will fall when those disasters come. It's really just that simple. I can't make it any simpler than that.

Now, if you'd like to argue that logic when it comes to Windows, then please give me a scenario where Linux is just as susceptible as Windows when it comes to specific security vulnerabilities.

Oh, and let's set something straight, Linux was never designed from the ground up, it was built from Unix and Unix was designed to be a very secure system as far as that goes.

And here is my example;
https://www.us-cert.gov/ncas/alerts/TA14-290A

 

[Lunas]

You seem very confused by my analogy. My analogy was made quite simple: Linux was designed from the ground up to be a more secure and robust system. Windows was not. Security was an afterthought when Windows was designed. Security was put on the forefront when Linux was designed - thus the brick and straw analogy.

In other words, if you build your house to last and withstand the torrential rains and high winds, then it will stand when those disasters come. When you don't build your house to withstand those things, then your house will fall when those disasters come. It's really just that simple. I can't make it any simpler than that.

Now, if you'd like to argue that logic when it comes to Windows, then please give me a scenario where Linux is just as susceptible as Windows when it comes to specific security vulnerabilities.

This is going to make me sound a bit like a windows fan when I'm not I really do like the idea of Linux just not the execution or the support or ease of use.

It may have been true back in the 9x days of windows security was an after thought but that is why the nt kernel replaced the 9x kernel windows me was the last in the line where security was something tacked onto the system. With the advent of windows XP everyone was now on the windows nt kernel and security was a big concern. And the team behind it was used to working security.

You are mistaking security through obscurity for good coding. Additionally Linux has a luxury Microsoft does not if they find shitty obsolete code Linux can cut the shit out and put new good code in. Microsoft is forced to patch and repair decades old code otherwise they break some legacy device that the manufacturer can't be bothered to drop a driver update to fix.

And yes I understood the 3 little pigs analogy I misunderstood why you claimed Linux to be brick when it is all sticks...

 

[BulletDust]

It's the most import reason for maintaining a vehicle is keeping safe to drive? Proper maintenance of anything is absolutely vital to safe and secure usage.

As far as updating processes go, it's well known that the Windows updater is garbage while the Linux updating process is vastly superior. Furthermore, I'm just going to come right out and say it, as an OS Linux is more secure than Windows - Hence the reason why malware does so much damage under Windows vs literally anything else available.

People try to link evidence of the number of security flaws discovered under Linux vs Windows and think such statistics substantiate their opinion that Windows is a more secure product - Of course all such statistics highlight is just how efficiently holes are patched under the open source model as you can't be critical of exploits that haven't been discovered under an OS that runs the closed source model.

 

[lcpiper]

As far as updating processes go, it's well known that the Windows updater is garbage while the Linux updating process is vastly superior. Furthermore, I'm just going to come right out and say it, as an OS Linux is more secure than Windows - Hence the reason why malware does so much damage under Windows vs literally anything else available.

People try to link evidence of the number of security flaws discovered under Linux vs Windows and think such statistics substantiate their opinion that Windows is a more secure product - Of course all such statistics highlight is just how efficiently holes are patched under the open source model as you can't be critical of exploits that haven't been discovered under an OS that runs the closed source model.

Let's make sure we are clear, the updater isn't the cause of security vulnerabilities. I have seen WSUS update Windows systems for decades and it works fine even if some of the patches being pushed have issues. To put it bluntly, saying the Linux updating process is vastly superior is .... well.... so what? The patches get pushed, the software is updated, beyond that, the world's survival doesn't hinge on this shit.

I have to agree with heatlessun and Lunas, this is mostly pointless, both OS's present vulnerabilities and issues, and frankly, security is not the only thing an OS needs to be judged on.

 

[BulletDust]

Let's make sure we are clear, the updater isn't the cause of security vulnerabilities. I have seen WSUS update Windows systems for decades and it works fine even if some of the patches being pushed have issues. To put it bluntly, saying the Linux updating process is vastly superior is .... well.... so what? The patches get pushed, the software is updated, beyond that, the world's survival doesn't hinge on this shit.

I have to agree with heatlessun and Lunas, this is mostly pointless, both OS's present vulnerabilities and issues, and frankly, security is not the only thing an OS needs to be judged on.

See I don't agree.

People try to claim that Windows is just as secure as Linux and that all of Windows issues are solely the result of usage numbers. But the fact remains that malware damages Windows worse than it damages Linux, you can remove the malware from a Windows system and be left with an almost irreparable mess, this is not the case for Linux or OS's based on Unix such as OSX. Furthermore I see no evidence supporting the argument beyond all doubt that the cesspool of issues surrounding Windows are solely a result of usage numbers, but I see plenty of evidence supporting the argument that usage figures mean very little in relation to the issues surrounding Windows.

It's time for the Windows updater to grow up, no more reboots stuck at "updating 1 of 40, don't restart your machine". Updating should be simple, unobtrusive and effectively unnoticeable..Every other OS can do it, why can't Windows do it.

 

[YeuEmMaiMai]

sure it doesn't. As soon as people start to use Linux, they will pick it apart just like Windows...

 

[BulletDust]

sure it doesn't. As soon as people start to use Linux, they will pick it apart just like Windows...

Linux dominates on enterprise server installs, people have been using it for years now and no one's picked it apart yet.

 

[lcpiper]

See I don't agree.

People try to claim that Windows is just as secure as Linux and that all of Windows issues are solely the result of usage numbers. But the fact remains that malware damages Windows worse than it damages Linux, you can remove the malware from a Windows system and be left with an almost irreparable mess, this is not the case for Linux or OS's based on Unix such as OSX. Furthermore I see no evidence supporting the argument beyond all doubt that the cesspool of issues surrounding Windows are solely a result of usage numbers, but I see plenty of evidence supporting the argument that usage figures mean very little in relation to the issues surrounding Windows.

It's time for the Windows updater to grow up, no more reboots stuck at "updating 1 of 40, don't restart your machine". Updating should be simple, unobtrusive and effectively unnoticeable..Every other OS can do it, why can't Windows do it.

Well, I don't have any problem agreeing that the updater has room to improve

 

[Lunas]

See I don't agree.

People try to claim that Windows is just as secure as Linux and that all of Windows issues are solely the result of usage numbers. But the fact remains that malware damages Windows worse than it damages Linux, you can remove the malware from a Windows system and be left with an almost irreparable mess, this is not the case for Linux or OS's based on Unix such as OSX. Furthermore I see no evidence supporting the argument beyond all doubt that the cesspool of issues surrounding Windows are solely a result of usage numbers, but I see plenty of evidence supporting the argument that usage figures mean very little in relation to the issues surrounding Windows.

It's time for the Windows updater to grow up, no more reboots stuck at "updating 1 of 40, don't restart your machine". Updating should be simple, unobtrusive and effectively unnoticeable..Every other OS can do it, why can't Windows do it.

I found it very humorous when i loaded linux mint on this old core 2 laptop and i ran the updates to get some modules updated when it did exactly what you just called windows update out on... it loaded 40 updates then asked me to reboot then loaded 10 more and asked to be rebooted again...

In the end Linux suffers from lack of support by the majority of software companies coding any piece of software is an afterthought if it is linux compatible.

Both Linux and Windows need to address some issues with use. I don't know macOS very well but what I have seen of it is the same issues. With the one exception being you get support and updates only as long as apple support lasts then you are expected to throw the machine in the bin and get a new one...

As far as my experience goes I have used
Red Hat
mandrake
mint
unbuntu
rasbian
android 2.2-7.1.2
Windows 3.1- ME
windows NT 4.1-windows 10
Macos 7
macos 10.2-10.3
Ios 4-6
Dos 3.1-6.0

I will tell you right now the worst as far as updates goes is not windows it is android or ios. Both of those are designed with the mentality the device is only going to last 1-3 years and rather than update the software the device is going in the bin and a new already up to date device is what the user will use...

 

[YeuEmMaiMai]

Linux dominates on enterprise server installs, people have been using it for years now and no one's picked it apart yet.

we are talking about y'see desktops...

 

[ChadD]

where your analogy breaks down is Linux is not made of brick it is a Lego set or kit home you need to assemble it and it has the illusion of strength through obscurity and 3rd party support. Also Linux has bugs needs security patches too don't claim it is perfect cause none are...

Windows would be preassembled drop it on the lot your done.

Mac is a RV everything custom only fits RV parts and everything is model specific...

Well seeing as its analogy day and I love analogy day.... I'll continue with yours a little bit.

CONSUMER Linux distros... are for sure very much like lego. That can be anything you want it to be strong castle or teetering tower that may fall at any second.

Commercial Linux is something completely different. Commercial Ubuntu, Red Hat, Suse... would be like pre-built lego already put together by lego designers. Support for which is provided by lego experts.

Comparing the mis mash that is 1001 Ubuntu based user distros... or the Rolling test beds that distros like Tumbleweed or Fedora are. Is not at all what people are talking about when we are talking about security needed for business clients. They aren't running Fedora or Mint at any bank or gov office ect. Companies looking for a secure business oriented Linux are looking mainly at the top 3 big boy Linux distros that most personal users would hate.

BTW I love your analogy for the Mac... a custom RV. LOL Whenever I think of Steve Jobs for now on I am going to picture him in a tweed suit doing an 80s style crazy stevie needs to clear his inventory commercial. COOOME on down to the Apple Recreational Lifestyle Emporium.

 

[ChadD]

we are talking about y'see desktops...

Your right all the juicy data is on the Linux running servers and has been for a very long time.

Which makes the case for the end of "desktop" computers in commercial settings. Dumb terminals is the way to go. Google is on to something with ChromeOS. Every companies data is 1000% more secure on the Linux server, housing all the data.

 

[BulletDust]

I found it very humorous when i loaded linux mint on this old core 2 laptop and i ran the updates to get some modules updated when it did exactly what you just called windows update out on... it loaded 40 updates then asked me to reboot then loaded 10 more and asked to be rebooted again...

In the end Linux suffers from lack of support by the majority of software companies coding any piece of software is an afterthought if it is linux compatible.

Both Linux and Windows need to address some issues with use. I don't know macOS very well but what I have seen of it is the same issues. With the one exception being you get support and updates only as long as apple support lasts then you are expected to throw the machine in the bin and get a new one...

As far as my experience goes I have used
Red Hat
mandrake
mint
unbuntu
rasbian
android 2.2-7.1.2
Windows 3.1- ME
windows NT 4.1-windows 10
Macos 7
macos 10.2-10.3
Ios 4-6
Dos 3.1-6.0

I will tell you right now the worst as far as updates goes is not windows it is android or ios. Both of those are designed with the mentality the device is only going to last 1-3 years and rather than update the software the device is going in the bin and a new already up to date device is what the user will use...

Naturally kernel updates require a reboot, the really humorous consideration is did that significantly increase your boot times in a way that's flat out inconvenient as is the case with Windows? Of course, no need to answer that question as we already know the answer.

In terms of software support I don't have an issue, of course if you use Abobe products or require some obscure item of software professionally, stick with Windows. Based on my usage case as a high end PC user Linux achieves everything I want it to achieve using a combination of cross platform propitiatory software and open source alternatives, the reality is this will be the case for most users out there. I have no issues with the actual support of all the software I use, in fact everything is kept up to date in a way that's vastly more efficient to the Windows updating process. I can only post my experiences with Linux and to state anything else would be a flat out lie.

Furthermore, Linux support is not based on the age of your machine unless you're still running 32bit hardware.

I've also used a vast number of operating systems, probably more than you have listed in your reply, and out of all those operating systems the Windows updater is the most dated, inconvenient and convoluted process I've ever laid eyes on. Stripping the end user of all control under Windows 10 has only made things worse from the standpoint of a PC tech.

 

[BulletDust]

we are talking about y'see desktops...

Funny, I thought we were talking about operating systems.

 

[Qchan]

I'll start by quoting from the news article you linked to;


Now, although there could be other explanations beyond these two, which you brought up, I'm not going to run off into a guessing game and will limit my reply to these two.

The first possible that was addressed, that it was due to a mole doesn't have a damn thing to do with hacking a classified military network and I won't dwell on the FACT that the CIA is not part of the DoD and is not military.

The second, that the Chinese hacked a "covert system" used to communicate with it's foreign sources, also is not a DoD military classified network. And I will point out that a communications system doesn't have to be computer network based at all and could have been any number of old school methods spys have used over hundreds of years to ply their trade.

You are correct that the government is terrible with security. You are also correct that windows hasn't had the best track record when it comes to being hack-able. That being said, often as not it's not really Windows that is found vulnerable but applications or other services that are running on the platform like Java and SSL. And so, this is why ALL of the military classified networks are not connected to the internet or use any common hardware that is connected to the internet which is why I will state again, no US Military classified computer network has ever been hacked.

If you are going to prove me wrong, you are going to have to dig a whole lot deeper and at least make an effort to stay on target.

Honestly, what you're doing is damage control, which at this point, is silly. You're whole point is that Windows is just as secure as Linux under the US Army's supervision. So far, you have failed to prove that. In fact, my claim (which is one of many) points to the fact that the US government computers are hacked on a consistent basis. This is just a known fact.

Source 1: https://www.rt.com/usa/364614-us-china-cyberattack-targets/
Source 2: http://www.nbcnews.com/storyline/ha...hacking-us-more-china-hacking-us-much-n664836
Source 3: https://www.nytimes.com/2015/07/10/...gement-hackers-got-data-of-millions.html?_r=0

You don't really have a leg to stand on, and I think I'm wasting my time at this point....

Oh, and let's set something straight, Linux was never designed from the ground up, it was built from Unix and Unix was designed to be a very secure system as far as that goes.

And here is my example;
https://www.us-cert.gov/ncas/alerts/TA14-290A

Linux was built from the ground up, and it was based on Minix, sir.

Source: https://en.wikipedia.org/wiki/History_of_Linux


What frustrates me is that people who criticize Linux know very little about how it functions. It's like criticizing Football but understanding very little of the sport. It's just not something you would do without sounding awfully silly.

As for your example: this doesn't affect Linux. This is an SSL exploit which specifically affects browsing data. Such an exploit can be done simply by sniffing the packets in the air, because the manner of this exploit is a man-in-the-middle attack.

Icpiper, you do not appear to be very knowledgeable in the subject you are arguing. In fact, it seems as though this conversation is more about "winning" then it is about making sense. This saddens me. Please forgive me while I ignore you from now on.

This is going to make me sound a bit like a windows fan when I'm not I really do like the idea of Linux just not the execution or the support or ease of use.

It may have been true back in the 9x days of windows security was an after thought but that is why the nt kernel replaced the 9x kernel windows me was the last in the line where security was something tacked onto the system. With the advent of windows XP everyone was now on the windows nt kernel and security was a big concern. And the team behind it was used to working security.

You are mistaking security through obscurity for good coding. Additionally Linux has a luxury Microsoft does not if they find shitty obsolete code Linux can cut the shit out and put new good code in. Microsoft is forced to patch and repair decades old code otherwise they break some legacy device that the manufacturer can't be bothered to drop a driver update to fix.

And yes I understood the 3 little pigs analogy I misunderstood why you claimed Linux to be brick when it is all sticks...

Nothing you said in your reply makes any sense. Windows is ** still ** monolithic in nature. This has not changed. This is how the WannaCry worm spread in the first place. Listen, if a worm is capable of exploiting a vulnerability of a service the user has no control over, and that vulnerability can modify, add or delete the user's data afterward, then that system is flawed at a very basic design level.

Why? Allow me to explain further. If this worm exploited the SMB process on a Linux box, that process would not be able to delete, modify or add any of the user's data because THAT process runs as a separate user. Meaning, that process simply does not have permission to modify what does not belong to it. This is the major difference between the design in Linux and the design in Windows.

You have not understood the "house" analogy (not "3 pigs", because there are no pigs nor are there 3 houses in my analogy).

 

[Frobozz]

I'll start by quoting from the news article you linked to;


Now, although there could be other explanations beyond these two, which you brought up, I'm not going to run off into a guessing game and will limit my reply to these two.

The first possible that was addressed, that it was due to a mole doesn't have a damn thing to do with hacking a classified military network and I won't dwell on the FACT that the CIA is not part of the DoD and is not military.

The second, that the Chinese hacked a "covert system" used to communicate with it's foreign sources, also is not a DoD military classified network. And I will point out that a communications system doesn't have to be computer network based at all and could have been any number of old school methods spys have used over hundreds of years to ply their trade.

You are correct that the government is terrible with security. You are also correct that windows hasn't had the best track record when it comes to being hack-able. That being said, often as not it's not really Windows that is found vulnerable but applications or other services that are running on the platform like Java and SSL. And so, this is why ALL of the military classified networks are not connected to the internet or use any common hardware that is connected to the internet which is why I will state again, no US Military classified computer network has ever been hacked.

If you are going to prove me wrong, you are going to have to dig a whole lot deeper and at least make an effort to stay on target.

LOOSE CANNONS!

 

[Semantics]

You see, you're looking at it wrong. You seem to think patching a flaw = good security. That's not true. Let me give you an elementary example:

1) You build a house out of straw.

2) I build a house out of brick

3) A hurricane whips by and hits both of our houses.

4) All of your straw gets blown away.

5) Only one brick on my house comes loose.

6) You patch your house so that the house lasts a few minutes longer under strong winds (it's made out of straw after all).

7) I only need to patch up that one brick by making the cement more adhesive.


This is the difference between Windows and Linux. Windows is the house made of straw and Linux is the house made of brick.

Brick houses that aren't designed for shearing forces do very poorly, ones that are are super expensive, much worse than wooden houses designed to take the force. Especially if you don't tie down your roof. Or if flood waters come and shift the house foundation you're taking a total loss.

The person is better off saving their money with a straw house and a reinforced hurricane resistant room and let insurance take care of any losses. After all unless you're super rich you're not building a real brick home without a bank loan and that bank isn't going to let you not get insurance, you might as well use it better. Plus the money you save on the cheaper home can quickly be reapplied to properly grow your equity.

 

[ChadD]

Brick houses that aren't designed for shearing forces do very poorly, ones that are are super expensive, much worse than wooden houses designed to take the force. Especially if you don't tie down your roof. Or if flood waters come and shift the house foundation you're taking a total loss.

The person is better off saving their money with a straw house and a reinforced hurricane resistant room and let insurance take care of any losses. After all unless you're super rich you're not building a real brick home without a bank loan and that bank isn't going to let you not get insurance, you might as well use it better. Plus the money you save on the cheaper home can quickly be reapplied to properly grow your equity.

Oh man I wish my first two wives had read this. If only they would have been happy with a cardboard box I could have saved SOOO much moola.

 

[BulletDust]

Brick houses that aren't designed for shearing forces do very poorly, ones that are are super expensive, much worse than wooden houses designed to take the force. Especially if you don't tie down your roof. Or if flood waters come and shift the house foundation you're taking a total loss.

The person is better off saving their money with a straw house and a reinforced hurricane resistant room and let insurance take care of any losses. After all unless you're super rich you're not building a real brick home without a bank loan and that bank isn't going to let you not get insurance, you might as well use it better. Plus the money you save on the cheaper home can quickly be reapplied to properly grow your equity.

Lol, awesome!

 

[MrGuvernment]

Also Linux is hackers baby and they wouldn't do anything to make it look bad. Not too mention Linux is open source. Wouldn't it be a lot easier to find vulnerabilities or push compromised builds?

Nope, how many years was OpenSSL wide open "but but but, open source everyone can see the code and patch it" the problem is no one sites down and reads every line of code....

 

[BulletDust]

Nope, how many years was OpenSSL wide open "but but but, open source everyone can see the code and patch it" the problem is no one sites down and reads every line of code....

Which is in no way evidence that open source patching is in any way less efficient than the patching of closed source software. In fact statistical links regarding vulnerability patching have been linked on these forums many times over, often misinterpreted as evidence that Linux is somehow less secure than Windows, when the reality is the whole point of the statistic is to highlight how the frequency of vulnerability patching under Linux is by far superior to Windows.

You're argument that not everyone audits every line of code under Linux can quite easily be refuted by the fact that you cannot criticise what you can't see in relation to closed source software - There could be any number of vulnerabilities in that code that no one has any idea about yet, but I have no doubt that in time they'll work it out.

If I had to put my faith in a huge number of devoted people and very large corporations, far larger than MS, eagerly contributing to open source software or just trust MS themselves to audit their own code, I know I wouldn't be putting any faith in Microsoft.

As the OS that forms the backbone of the internet, Linux seems to be holding up quite well.

 

[ManofGod]

Somehow, like always, your response has nothing to do with what you quoted.

Ah, forget it, the response I give on these forums is often based upon my experience and what I prefer to use. It is a pleasure to use just about any computer OS nowadays though and it helps to learn more and more.

 

[Qchan]

Bulletdust, is that you? LOL You come in here, swing your dick around like a know it all and then have zero respect for others. Oh well, just what we need, more Linux "Experts" and "Apologist".

I will admit that I have been following this forum for a few years. However, this is the first time I've created an account here.

I am certainly a Linux expert, but I am not an apologist. I just happen to know my stuff...

 

[grtitan]

LOL! Boy, you sure are consistent and also, you are the very first to even mention fanbois of any kind, how about giving a valid point to the thread instead? (I know, I know, I did not either but then again, how do I make a valid thread point when responding to you? )

Somehow, you seem to respond very well to the shill and fanboi name, but who am I to say anything, right?

 

[ManofGod]

I will admit that I have been following this forum for a few years. However, this is the first time I've created an account here.

I am certainly a Linux expert, but I am not an apologist. I just happen to know my stuff...

That is cool, just be open to learning more about all this stuff and you will enjoy it more here. Also, it will be less stressful and argumentative for the rest of us.

Edit: I just got a warning not to troll so I need to be more careful.

 

[heatlesssun]

I am certainly a Linux expert, but I am not an apologist. I just happen to know my stuff...

I'm pretty sure most here know what they are talking about. But there's a lot of things said about Windows here that just don't always add up. Take for instance this particular piece of malware. Bad as it was you'd think that every Windows machine on earth was effected when in reality I think the highest estimate I saw was like 400,000 machines. Let's round that up to a 1,000,000. That would be about 1 in 1500 machines was effected. So as bad as this was, 99.9% were unaffected by it.

And then the update debate. Not at all saying it's perfect process but if it were as broken as some seem to claim I don't see how anyone could ever update a Windows devices without constant, deal breaking issues. I don't see how we'd be able to update 200k Windows 7 devices each and every month pretty much without issue. Or even how I'd even be able to update my 8 personal Windows 10 devices constantly without major issues.

We're not talking about absolutes but specific rates of failure with countless dependencies and conditions. This past weekend for instance, I finally got a Logitech Brio camera, it was on sale al Best Buy and I had some rewards points. Neat camera but it has had a number of reported problems and in particular with Windows updates. Long story short, after fussing with a number of things, I plug it in to a different USB hub, my computer is to far away from my seat to plug the camera into the computer and extension cables don't seem to play nice and well, all of that just to find the way to plug it in. And then it "just worked".

 

[ManofGod]

Basically, I see no good reason for any company to switch to Linux as a Desktop OS or for any company to switch to a cloud based only setup. If someone had started on Linux when they first opened their company, I can see them continuing on what they are using but, if a company IT setup was built up using Windows as their primary OS, I see no good reason to switch away from it and plenty of reasons to stay with it.

Fact is, since quite a few of the Internet servers are built using a Linux Server OS, why are they not designed to stop the spread of these type of infections in the first place? It seems to me that for something that is used as the backbone of the internet, the back is pretty weak.

 

[michalrz]

Y'all need Jesus.

In my humble opinion, wannacrypt did not make a case for Linux. Or at least, not more of a case than any other security or usability related issue. Ransomware is not new. Neither are security flaws.

(puts flame suit on)
I love Linux and I actively trust Linux with my stuff. (this disclaimer shouldn't be needed...)

But when Windows XP started gaining traction, the blaster/sasser stuff started happening and forced MS to get their act together with their new os.
Linux, in my circles, only started becoming popular long after that - when Vista appeared and people disliked it.

I could say I have some intellectual property I wouldn't want out in the open. And I trust Linux with it. Not Windows. Never have.

Security by obscurity is NOT the reason for this, though. I trust the general public to audit the code at least as good as MS does and that's already enough for me, because, with Linux, I am sure nothing will be insecure by _design_. I'm saying this in light of prism et al.

When I set up Linux for a company who is security conscious, I don't install the nVidia driver binary blob. Defeats the purpose.

I also avoid setting up a GUI altogether if it's not needed, disable as much as I can and never go bleeding edge. I do things like make sure disablerootlogin is enabled in sshd.conf.
A long term stable distribution like Debian is normally my weapon of choice.
When I apply updates, I do so on a staging copy (virtualized) of a system. Once I know nothing has broken - I apply the update on the rest of the systems. I need to be able to do this with Windows, and even on the low end (non enterprise) editions. Version control is security 101.

If I were to place Linux on a set of end-user desktops, I would expect dealing with almost all of the threats I deal with on Windows. Userspace, even if it is nicely separated from the low level underbelly, is still a place where keystrokes can be captured, malicious browser plugins installed, and where social techniques (like phishing) can occur.

So, to sum up, I trust open source software and the Linux kernel and entire distributions more than Windows at this time. Because I know what's in the package.
But, the need for user training and administrative good practice DOES NOT disappear once you install Linux.

 

[ChadD]

How you present yourself is on you and nothing I say will change that. However, at least to me, knowing your stuff and presenting yourself as a know it all are two different things. Also, quite a bit of what you have said here is nothing more opinion and than facts, regardless of your own personal experience.

Basically, why would I want to listen to you when you have already made it clear that no one here could possibly know more than you?

Why don't you leave the personal attacks for people with more then 20 posts... and stick to the topic. All I have seen him post is a few rebuttals of poor assumptions / info... an analogy that you could disagree with if you like but I can see how he was trying to explain his point... which is a simple truth Linux by design wouldn't be as easily compromised by a SMB exploit. Windows isn't designed properly, its origin as a GUI file manager for dos shows. (sorry MS described Win 1 as a "device manager" for dos 2.0). Linux and its Minix/BSD/GNU origin is more suited by design to resist malware exploits. That isn't to say its not possible to compromise a Linux system, its simply far more difficult. Describing them as the 3 piggies houses may not be completely accurate, but I see his point. Once you compromise windows its pretty much your bitch, to do the same to a Linux running system you have compromise a lot more then one or two systems. For a malware to get in to a Linux system, then encrypt user data or system data or install Crypto currency farming software ect ect would require 5 or 6 different exploits... and due to the modular nature of Linux the code to target multiple systems would be on the large size. Not impossible, just well beyond the ability of your average script kiddie.

 

[ManofGod]

Somehow, you seem to respond very well to the shill and fanboi name, but who am I to say anything, right?

So, when are you going to admit that Windows does a really good job for what it is designed to do, may computing easy and accessible to all?

 

[Qchan]

I'm pretty sure most here know what they are talking about. But there's a lot of things said about Windows here that just don't always add up. Take for instance this particular piece of malware. Bad as it was you'd think that every Windows machine on earth was effected when in reality I think the highest estimate I saw was like 400,000 machines. Let's round that up to a 1,000,000. That would be about 1 in 1500 machines was effected. So as bad as this was, 99.9% were unaffected by it.

And then the update debate. Not at all saying it's perfect process but if it were as broken as some seem to claim I don't see how anyone could ever update a Windows devices without constant, deal breaking issues. I don't see how we'd be able to update 200k Windows 7 devices each and every month pretty much without issue. Or even how I'd even be able to update my 8 personal Windows 10 devices constantly without major issues.

We're not talking about absolutes but specific rates of failure with countless dependencies and conditions. This past weekend for instance, I finally got a Logitech Brio camera, it was on sale al Best Buy and I had some rewards points. Neat camera but it has had a number of reported problems and in particular with Windows updates. Long story short, after fussing with a number of things, I plug it in to a different USB hub, my computer is to far away from my seat to plug the camera into the computer and extension cables don't seem to play nice and well, all of that just to find the way to plug it in. And then it "just worked".

I agree. 400,000 Windows boxes is a heck of a lot more than zero Linux boxes. And that's the difference between Windows and Linux.