Separate names with a comma.
Discussion in 'HardForum Tech News' started by Megalith, May 19, 2017.
You are wrong. Ever heard of ACL?
That was Patched in Feburary and as home editions don't have the option of differing updates that long they should all have it by now. Business who are running windows 10 aren't worried about breaking Legacy apps on there so if they aren't doing automatic updates than.... well they probably have their reasons but there should be no reason to hold off on them for more than a week.
While this worm could be considered an argument for switching your desktop to linux, there is also an even more compelling argument against it: actually having to teach people how to use Linux on the desktop. Any time saved by not having to deal with ransomware (which should be like 2 hours tops if you backup properly) will be lost the first day you switch the user base over to Linux. Hell, before that if you still have to print anything. I though Mac print drivers were bad...at least those work without having to hunt down obscure 3rd party software or edit system text files.
Don't get me wrong, I *like* Linux fine. It works on servers, and Google made it work on phones. Desktop needs that kind of care and polish and hasn't received it.
Ha - the shitshow that is distribution based patching would lead to even greater hilarity if desktop linux had the fraction of popularity of Windows.
Feeding frenzy doesn't begin to touch it. The absolute patchwork of utter crap that's out there because "something might break" is at ludicrous levels with Desktop Linux.
They better hope they never get popular enough to earn attention - this trope will die an ugly and spectacular death
And if they fail to manage it as they failed to manage Windows they will still have another spectacular failure sooner rather than later.
A poor artist blames his tools and all that
absolutely I am going to immediately suggest that our whole enterprise replace all windows 10 desktops with linux asap.
MS and most windows users don't seem to see where things are going.
We are about to jump into the wayback machine. Terminals are about to become dumb on purpose.
Google ChromeOS. Its been invading education the past few years... because its light, stupid easy to deploy, and security updates are hands free worry free... and ChOS plays very nicely with the cloud.
Every big tech outfit in the world has been pushing the cloud for more then a few years now. So guess what is going to happen, google is going to go after their terminal cheddar. If a company's software is cloud based their is zero need for a full operating system like Windows or MacOS or even Linux. Chrome will do... and as far as security goes its gentoo linux based and Google has been very good about pushing security updates fast quite and painless like. Expect 2017-2018 to be very big years for Google in the corporate world.
As much as I want to say yes they should all switch to Linux... I know its far more likely Google will push MS out of the market. Where Linux may make more sense is in some specific fields like health care where custom distros can be rolled out with full encryption ect and still have all the advantages of a Linux update system. (Ubuntu would be wise to fire up the Engineers and the PR machine and push the NHS to a NHSbuntu while its still a news story... their are plenty of markets where a cloud based OS isn't going to fly and windows is likely due for a shit storm the next few years if NSA style exploits keep getting leaked)
i got a chuckle off this line "There are additional variants of this Trojan that target other Unix and Unix-like systems. Discovered on November 5, 2015, by Dr. Web, this malware affected at least tens of Linux users."
Same old bull every linux fan even if they are not actually a user spouts. But here is the cheese for the trolls. Why would a malware maker target all 10 people who use linux exclusively when they can target billions of machines that run poorly patched windows either because the admin is lazy or the machine uses software coded 20 years ago and the company who made it either went tits up or moved on with their lives and doesn't support the eol software that the company using it was too cheap to upgrade.
Bottom line is when you make ransomware you target the largest user base it means you extort more people. Same reason you make any malware if you want to do anything noticeable you do it to the largest user base not the smallest...
I have no idea about install base compared between MacOS and Linux
but security by not being a "valuable enough target" might be overly foolish
The OS is generally a minor part of the security issue.
The real problem is the meat sack at the keyboard. And in most organizations IT cannot delete all the security holes (i.e. users).
The #1 operating system in the world is Linux.
I know I just blew your mind right. Android is a Linux distro... yet everyone is still attacking those superior windows machines. Of course android being popular means it gets targeted more then GNU Linux... it simply doesn't have the issues Windows has had, because it is more secure and updates are pushed through with no fuss.
It also makes a good argument for an inanimate carbon rod. Both are just as capable of running the apps I want to run.
Android has had more than its fair share of malware. What's saved it is that 99% of Android users leave their phone in "walled garden" mode so the apks get blocked.
That is not a solution for desktop class PCs.
Majority hit by the virus was windows7 users
91% windows7 users...
Windows7 still under security updates, windows7 with cumulative patches YET still exposed .
It does make a case for Linux simple as that.
Also windows might rule the desk (it came into existence as a single seat OS to displace UNIX...) But on servers and the net... LAMP stack rules. Where are hackers likely to get money or juicy infomation from... Big corp or home users
I was gonna say, I'm not sure Android is such a great example of a malware-free paradise...
The major problem with the OP's statement is that, the more popular an OS is, the more malwares and virus will be designed for it.
Sure, the Linux OS might be inherently more robust than your average windows (nor will I claim otherwise), but the lack of Malwares infecting Linux has also to do with the fact that there are less of them out there.
Also, the fragmentation of Linux also, ironically, helps it somewhat, as vulnerability of one Linux distro may not carry over to the other. There is only 1 version of Windows and thus more open to attacks, as malware programmers usually only have to concentrate on 1 distro.
I think a case can be made that Linux seems more secure because most of the Linux users are more security savvy then the average purchaser of that $200 Best Buy bargain laptop.
Incorrect. You can't look at distro's as completely independent entities akin to say winXP, win7 etc.. Linux and gnu are Linux & gnu...
All a distro is ... Is a particular version of the SAME parts. One distro might be using gcc6.1 at a moment in time, another 7.1. major bumps aligning with their major release cycles
Each distro then applies security patches when they are available & equally backporting to their major version in-use
All distro use gcc, all glibc, all the kernel, all udev
A flaw found in glibc will affect all distro. How it is patched is distro specific as upstream where it is fixed is at the HEAD but the flaw & attack vector is common.
So basically like Android, except more enthusiastic security patching then... I stand corrected.
Difference is that I, as an end user, can immediately find the hole and patch it, submit it to the Powers That Be, and propagate that security fix literally at the speed of the Internet.
And that happens while some middle manager in MS is still trying to figure out what to do....
We run Windows 7 on 200k+ devices and we didn't hit because yes, there's still support for Windows 7 and we have a process where at least monthly we deploy patches and it works very well. For us it's not a matter of patching or not because something might break. We do some internal testing before general deployment but we patch at least monthly because we have to. No if ands or buts. If something breaks, and that's extremely rare, we deal with on that end.
This here keeps being overlooked in the panic. Also, unless you're a moron with shares open to the internet, you have to run something for the malware to get in in the first place.
The whole thing is a non-issue. Keep your system patched and don't be an idiot.
What really cracked me up was "deployed Linux as a desktop OS for your company". LMFAO.
Huh? We use Windows 7 at work on 200k+, in the process of migrating to Windows 10. There's nothing for me to justify because I didn't make that decision. I'm just reporting that we didn't hit with this because we have good processes. If you don't have good processes in place, the OS being used isn't going to save you from internal process failures. That's Cybersecurity 101 stuff had isn't at all a defense of Windows. If you lure people into a false sense of security by telling them "Just install Linux" and they continue with the same crappy practices, they are setting themselves up for a security failure. Sure, if you stay off the grid and run desktop Linux, that can help. But once someone decides to target you who knows what they are doing and you crappy processes, you're going to wacked.
Linux will not save one from doing their damned job.
Somehow, like always, your response has nothing to do with what you quoted.
As long as you have an implant in your Bios you have lost the battle before you even heard the bang to run !
Just read the docs that leaked and you will see, with enough fundings and energy, all can be broken up and read, regardless of your OS on top. I am pretty sure there is a backdoor into any Dell and HP server Bios, every Cisco ASA ( stated there is ), Juniper etc..
It's just a matter of time and/or coincidence until those doors are also known to bad guys, now that they know they are there. That's the two edged sword of digital lifestyle, you can't just look at it like you are used to with any other good/value you want to secure and NO ONE knows it all.
Linux is in one way safer as it takes a different approach with user rights, but that is only 1 layer of many to have on your scope.
Linux as SMB is far superior to Windows SMB servers in many aspects, take Fragmentation as one of them, options in Filesystems as 2nd ( there are bare none for Windows but NTFS ), open sources as 3rd.
I for one always prefer a Linux FileServer over any Windows based one I have ever seen and the rights...well, just a matter of how much you are willing to dig into Samba and its options. Revision proof servers are easy in Linux and by nature Ransomware proof through the way rights are arranged, simple as that.
Most digital devices, I even dare to say BY FAR MOST, are based on *nix. Turn them all OFF and check how far you get, very likely not beyond your switch as your router runs a *nix.
All I am saying is that if people don't do even the most basic work in securing their systems, the OS hardly matters. Sure one can blame Microsoft for the flaw but good grief, there are practices that mitigate this stuff that are well known and not difficult to do and some people STILL don't do them.
1. It's interesting that Windows 7 is laxer in forcing updates and represents 9 out of 10 being hit. I run windows 7 and wasn't affect, but then I update my system when the updates become available.
2. Windows 10 which has a "forced" updated policy had a combined, apparent, infection rate of 0.05%. My Windows 10 machines were unaffected, as well.
I also routinely updated my Linux machines when they are available. Firewalls, which many distros list as "optional", are active on my Linux installs as they are on my Windows systems.
For me the bottom line is keep systems updated and firewalls on. It doesn't prevent everything, but it seems to help. Just my 2¢.
3. This exploited a SMB flaw and thus needed the needed ports exposed. ISPs don't. Corporations SHOULDNT but equally if a bag of meat opens the wrong thing it will spread like wildfire.
Likewise the general home user doesn't know how to turn windows update off
Generally corporations have not made the switch to Win10 but that is expected to occur in the coming year
I don't use Windows because I like Microsoft, I use Windows because it's the only OS that allows me to play Elite Dangerous in VR.
Yet you took you time to reply and defend your choice even when i didnt called you out directly...
You really think that i am that dense that i don't understand that fact of windows or Microsoft?
My comment apply to the local shills we have here and fanbois that need to defend their choices publicly.
With 90% desktop market share and the best software support, including malware BTW, no one needs to defend why they use Windows. Even with its malware issues Windows works in situations there literally is no alternative. And you calling folks shills doesn't change that.
Their are windows alternatives to every corporate situation. As you have said laziness is the enemy. Properly setup Linux terminals are easier to maintain, and with most companies moving to cloud based software their is almost zero need to run anything but a browser. Google has proven how well a stripped down cloud based Linux distro can work. For large corps that will be using cloud based stuff 90+% of the time with the need for a bit of local storage and not much else... stripping down a solid commercial linux distro works out very well.
Android has another big issue in that patches or updates in general must go through the manufacturer and then the carrier with few exceptions meaning for the vast majority of Android devices it never gets a patch and actually relies on the walled garden to protect the user who is expected to dump the device for a new one every 1.5 years...
Additionally it may be Linux based but it remains a semi closed source.
Who would be the one adding telemetry to linux upgrades ?
And a new ransomware is in the wild & win10 is affected. Let's see if it leaves the Ukrainian & then the topic of Linux can be viewed.
Remember America weaponised these vulnerabilities and then lost control of it. Lack of SOI audits of Microsoft facilitated such bugs existing
We have processes for updating both Windows and Linux machines, there's no inherent superiority in ease of updating either one in our environment. As for Windows alternatives, plenty of places including us have looked into them. Ultimately with the years of experience and existing software plus our relationship with Microsoft, we're a huge private customer and they listen to us, using desktop Linux doesn't necessarily come out on the balance sheet as cost effective.
WannaCry makes a case for Linux.
Using Linux makes a case for macOS.
What new ransomeware? And actually Windows 10 was effected by WannaCry but out of the box Windows Defender would quarantine the payload though the worm didn't target Windows 10 for whatever reason.
I'd argue that the average linux computer is a more desirable target than the average windows PC. The main reason is the type and volume of data stored on linux servers vs. home PCs. If a malicious actor hacks/compromises Hillbilly Paul's PC it's not going to yield the same data value as say... compromising Linked.in's Linux database or server. With everyone and their brother moving stuff to "the cloud", and the majority of these servers running Linux, I'd wager that makes them a pretty big target.
Here is a snapshot of Linux share as server OS: