Posted on 01/16/2005 12:04:57 PM PST by Bush2000
Windows is more secure than you think, and Mac OS X is worse than you ever imagined. That is according to statistics published for the first time this week by Danish security firm Secunia.
The stats, based on a database of security advisories for more than 3,500 products during 2003 and 2004 sheds light on the real security of enterprise applications and operating systems, according to the firm. Each product is broken down into pie charts demonstrating how many, what type and how significant security holes have been in each.
One thing the hard figures have shown is that OS X's reputation as a relatively secure operating system is unwarranted, Secunia said. This year and last year Secunia tallied 36 advisories on security issues with the software, many of them allowing attackers to remotely take over the system - comparable to figures on operating systems such as Windows XP Professional and Red Hat Enterprise Server.
"Secunia is now displaying security statistics that will open many eyes, and for some it might be very disturbing news," said Secunia chief executive Niels Henrik Rasmussen. "The myth that Mac OS X is secure, for example, has been exposed."
Its new service, easily acessible on its website, allows enterprises to gather exact information on specific products, by collating advisories from a large number of third-party security firms. A few other organisations maintain comparable lists, including the Open Source Vulnerability Database (OSVDB) and the Common Vulnerabilities and Exposures (CVE) database, which provides common names for publicly known vulnerabilities.
Secunia said the new service could help companies keep an eye on the overall security of particular software - something that is often lost in the flood of advisories and the attendant hype. "Seen over a long period of time,the statistics may indicate whether a vendor has improved the quality of their products," said Secunia CTO Thomas Kristensen. He said the data could help IT managers get an idea of what kind of vulnerabilities are being found in their products, and prioritise what they respond to.
For example, Windows security holes generally receive a lot of press because of the software's popularity, but the statistics show that Windows isn't the subject of significantly more advisories than other operating systems. Windows XP Professional saw 46 advisories in 2003-2004, with 48 percent of vulnerabilities allowing remote attacks and 46 percent enabling system access, Secunia said.
Suse Linux Enterprise Server (SLES) 8 had 48 advisories in the same period, with 58 percent of the holes exploitable remotely and 37 percent enabling system access. Red Hat's Advanced Server 3 had 50 advisories in the same period - despite the fact that counting only began in November of last year. Sixty-six percent of the vulnerabilities were remotely exploitable, with 25 granting system access.
Mac OS X doesn't stand out as particularly more secure than the competition, according to Secunia. Of the 36 advisories issued in 2003-2004, 61 percent could be exploited across the Internet and 32 percent enabled attackers to take over the system. The proportion of critical bugs was also comparable with other software: 33 percent of the OS X vulnerabilities were "highly" or "extremely" critical by Secunia's reckoning, compared with 30 percent for XP Professional and 27 percent for SLES 8 and just 12 percent for Advanced Server 3. OS X had the highest proportion of "extremely critical" bugs at 19 percent.
As for the old guard, Sun's Solaris 9 saw its share of problems, with 60 advisories in 2003-2004, 20 percent of which were "highly" or "extremely" critical, Secunia said.
Comparing product security is notoriously difficult, and has become a contentious issue recently with vendors using security as a selling point. A recent Forrester study comparing Windows and Linux vendor response times on security flaws was heavily criticised for its conclusion that Linux vendors took longer to release patches. Linux vendors attach more weight to more critical flaws, leaving unimportant bugs for later patching, something the study failed to factor in, according to Linux companies. Vendors also took issue with the study's method of ranking "critical" security bugs, which didn't agree with the vendors' own criteria.
Secunia agreed that straightforward comparisons aren't possible, partly because some products receive more scrutiny than others. Microsoft products are researched more because of their wide use, while open-source products are easier to analyse because researchers have general access to the source code, Kristensen said.
"A third factor is that Linux / Unix people are very concerned about privilege escalation vulnerabilities, while Windows people in general are not, especially because of the shatter-like attacks which have been known for six years or more," he said. "A product is not necessarily more secure because fewer vulnerabilities are discovered."
I do, and it usually restricts my ability to do my job. That is unless I spend hours crafting a custom set of permissions tailored to exactly what I'm doing. Of course, you don't get this ability on Home Edition, which is what's shipped on cheap PCs.
Mac gives you basically "Administrator lite" when running as administrator. You can screw up your own stuff, install and remove programs, etc., but you (and worms running under your permissions) do not have the power to hose the box. This is default, no expert XP admin knowledge needed.
And what about the XP install disk I have directly from Microsoft? As far as I can tell, the status of the doors seems to about the same as OEM XP installs.
You do NOT want to go into the area of Windows and usability. Windows' usability only looks good when compared to Linux, but it's pretty bad when compared to a Mac.
You're too kind. Windows' interface design is abhorrent.
I frequently show Microsoft screens to clients (and get a big laugh) when I'm demonstrating how NOT to design an interface.
What usability problems does OSX have?
Great post..
We can start with the Dock, which is pretty but not great for usability. Of course the only reason it's there is to woo Windows users used to the taskbar. Message to Apple: taking off of Windows UI features is not a good thing for your UI, although it does help with marketing. Luckily, the Dock can be replaced with something more useful.
Of course the only reason it's there is to woo Windows users used to the taskbar.
Actually the menubar at the top that has existed as long as I can remember is more similar to the taskbar than the dock (in my opinion).
That's the problem. I understand that Apple did it for marketing reasons, but Windows is not the OS to look to for UI design.
Actually the menubar at the top that has existed as long as I can remember is more similar to the taskbar than the dock (in my opinion).
Unlike in Windows, the menubar at the top is excellent UI design.
Both you and Swordmaker are complete hypocrites. You blame Microsoft for damage that users do to their machines -- even though you allow them to run Windows in Administrator mode that will virtually guarantee that result. Hypocrites. Here's a tip: Try restricting the privileges of users before you complain. Then we'll talk. Until then, you're just incompetent admins.
That's from an admin in business POV. Almost all of the home machines don't have the advantage of an admin and run Windows in its default settings, which is far less safe than a Mac's.
Until then, you're just incompetent admins.
I see, in the MS world, it's the admin's job to make up for the shortcomings of Windows. That's why the admin TCO for OS X and Linux is lower than that for Windows. But in my case I run admin because I need to, but with the installer service disabled, while my kids' profile is so locked down they can only run their educational games.
So nobody upgrades their OS, they just buy a new machine? You weren't listening. That shows OEM installs follow the standard Microsoft install, possibly due to contract with Microsoft. Maybe if Microsoft changed their standard install, then the OEMs would follow.
But in any case, that's still millions of by default poorly configured Windows installs out there that came directly from Microsoft. You'll do anything to get Microsoft off the hook.
But as far as Tog goes, I agree with his assessment of the Dock and other things. How good can something be if you're trying to copy the Windows UI? Tog does offer some advice and links to a couple of tools to bring your Mac UI into perfection
"Mac is indeed back! For the first time, with a few simple add-ons, you can turn your Mac into a monster machine, capable of outperforming not only an OS 9 Mac, but Windows XP"Of course many people will ignore this since the Dock, while not good from a UI perspective, is pretty cool.
BTW, you should look through Tog's site, where you'll find lots of major usability flaws in Windows.
OS X Part 3: Usability It has been favourably reviewed especially by Windows users -- but how good is it to a Mac user?
So windows users 94% of the market on the whole have given it positive reviews. Now I believe many windows users dont have a clue what a really usable interface shoule look like, but I had no clue you agreed with me on that.
Still, on the whole, OS 9 offers a pretty good user experience -- it's just that, as with anything else that has been around 15 years or so, features accumulate that don't always work together as consistently as they might, and old features which are hard to drop may not always be the way you'd do something now, with the benefit of hindsight.
Much of the complaing in this article is about OS9, not OSX
For now, suffice it to say that Netscape 6 is one of the worst ports of an interface I have seen.
Complaints about thrid party ports? come one you can do better.. Many of the complains (bouncing icons, shading) are settings that can be changed.
You're missing the point, which was that you blamed OEMs for improperly configuring Windows, while the configuration is the same as Microsoft's own. Besides, even if retail sales are a small percentage, it's still millions of machines.
Yep, that tsunami was nothing to be concerned about, it only killed less than one-tenth of a percent of the world's population.
No, Microsoft has no right to tell the OEMs how to configure Windows. It's an antitrust thing. Remember?
They only lost the ability to tell OEMs they can't offer other OSs or install other software in the OS. Otherwise, the OEM's configure Microsoft-standard, as is evident by their config being the same as the retail config.
Millions? Reference, please.
I can't find hard numbers of current sales, but extrapolate from this article citing 650,000 retail sales of XP during only two months in 2001 -- and that's when XP sales were lagging behind 98 sales.
And where's the admin for the hundreds of millions of home installs? Is everyone supposed to become a computer expert just to be relatively secure? That's what Mac OS X saves them from.
And for business, do you mind paying for the extra admin work to make up for the shortcomings of the OS and its initial configuration? I'd prefer to save the money.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.