Posted on 11/03/2009 9:35:44 PM PST by Gomez
Now that we in the northern hemisphere have had some time to digest the Windows 7 hype and settle in for the coming winter, we thought we would get some more hard data regarding Windows 7 security.
On October 22nd, we settled in at SophosLabs and loaded a full release copy of Windows 7 on a clean machine. We configured it to follow the system defaults for User Account Control (UAC) and did not load any anti-virus software.
We grabbed the next 10 unique samples that arrived in the SophosLabs feed to see how well the newer, more secure version of Windows and UAC held up. Unfortunately, despite Microsoft's claims, Windows 7 disappointed just like earlier versions of Windows. The good news is that, of the freshest 10 samples that arrived, 2 would not operate correctly under Windows 7.
User Account Control did block one sample; however, its failure to block anything else just reinforces my warning prior to the Windows 7 launch that UAC's default configuration is not effective at protecting a PC from modern malware.
Lesson learned? You still need to run anti-virus on Windows 7. Microsoft, in the Microsoft Security Intelligence Report released yesterday, stated that "The infection rate of Windows Vista SP1 was 61.9 percent less than that of Windows XP SP3."
But let's not get complacent. Microsoft seems to be saying that Vista is the least ugly baby in its family. You can be sure the next report will highlight its even less ugly younger sibling, Windows 7.
Why do I say this? As of October 31st www.netmarketshare.com states that Windows Vista has a 19% market share against Windows XP's 70.5% and Windows 7's 2%. Approximately 1 in 5 Windows users is using either Vista or Windows 7. These users often have newer computers, automatic patching, and firewalls and anti-virus software in place.
With millions of hosts still infected with Conficker, ZBot and Bredo, it is obvious a lot of unprotected machines are still out there, and it is no surprise that most of those are XP.
As the chart above shows, Windows 7 users need not feel left out. They can still participate in the ZBot botnet with a side of fake anti-virus. Windows 7 is no cure for the virus blues, so be sure to bring your protection when you boot up.
Looks to me like this thread has run its course... I don’t think we’ll see any more useful responses from the Win-fanboys. So I’m outta here... have a good day...
Well if you don’t deny the existence of flaws and malware for every OS then why are we eve having this discussion? This all started because somebody said other OSes don’t seem to have this problem, I pointed out that was a silly, and now you just agreed with me. We’re done.
I never said anything about other OSes being flawless -- of course all software (operating systems included) has flaws. Only trivial programs can be said to be flawless; more than about 10,000 lines of code and flaws will be there, to be ferreted out over many years of use. It's the way it is.
The object of security and robustness is not to be "perfect", but to be able to successfully and effectively defend against attacks. Which Unix does, and Windows still does not. Yes, Win7 is a great improvement over prior releases. No, it's still nothing like it should be; that will require extensive if not total replacement of the ancient NT codebase. Win7 is still NT.
What YOU said that made a mockery of the discussion was that because Unix had one or two demonstrable worms/viruses in the past 20 years, that it was somehow equivalent to Windows, which has something around 100,000 of them over the same period.
And when I challenged you to name even four in the past decade or so, you folded -- can't be done.
So I'm hardly agreeing with you, because your argument is flawed -- two does not equal tens of thousands, especially when those two were rendered inoperable many years ago. Windows 7 is still vulnerable to lots of current viruses -- and THAT IS THE TOPIC OF THE THREAD. HELLO? Your attempt to divert the thread to something else (and something trivially disprovable at that) failed.
> We’re done.
I agree. Thanks for playing, and have a great day. :)
I never said anything about equivalency. That is quite simply a lie on your part. I said Unix has malware targeted at it too, that’s it. Anything past that is from you.
Look, you're missing a critical point here.
If I attack a high, strong castle wall with a baseball bat, I'm gonna fail. Yet you want to count that as somehow the same as if I attack a grass shack with a baseball bat and knock it down.
I'm saying, the strength of the castle renders the baseball bat ineffective. I might as well attack with a toothbrush, or piss on the wall. So who cares if I do?
OTOH, the fact that an attack with a baseball bat against the grass shack IS effective, is newsworthy, hence this thread.
Please try to understand this. The mere existence of attacks is NOT relevant to this discussion -- it's a question of whether they succeed! Unix servers get attacked constantly, by all manner of attackers, human and automated. The question is whether the attacks are successful in a properly maintained (configured, patched) server or workstation.
The point of the article was that a properly configured, fully-patched install of Win7 is STILL vulnerable to most (7 out of 10 in this small sample) current viruses.
Do you get it yet? The mere existence of threats, per se, is not relevant to this topic, and your continued insistence that is, is tiresome. Good day.
I’m not missing any critical point. I simply pointed out that the statement that other OSes don’t suffer from “this problem” is silly. I’ve said repeatedly during the course of this thread that Windows had more malware aimed at it and was more vulnerable. But there’s a difference between most targeted and ONLY, that is the critical point, that some people like to pretend Windows is the only OS to have ever been infected, and that’s simply not the case. That the only way it “seems like” other OSes don’t have this problem is if you go out of your way to not notice that there is malware targeting every OS.
The point of the article is to sell software. It was written by one of the biggest AV companies out there. I’m surprised they even admitted to trying viruses that got blocked by 7.
We agree on that, for sure.
> I’m surprised they even admitted to trying viruses that got blocked by 7.
Their engineers probably felt they had to put something in to make themselves look fair. I'm sure their marketing people argued against it ;-)
Good old marketing people “what do you mean it would look bad if we went 100 for 100”.
I tried W7 the other day. Explorer was a disaster. They have ruined the best part of windows. The up arrow gone, well I could live with that, but it is hard to find anything with all of the nested, hidden folders. And the search feature seems geared towards only finding mp3s and pictures. That’s it for the most part. I was however impressed with the bootup time, but that in and of itself is not sufficient for a complete upgrade. No, I dont mean THE Upgrade..but a whole partition format/reinstall of the o.s, since upgrades for xp cause major headaches.
Been seriously giving thought to the idea of installing Linux myself, if for no other reason than to see what all the fuss is about.
Mmmmmmm, I’d love to play connect the dots with her freckles.
You don’t have to install it to try it out. Just find a Live CD that matches your taste and hardware.
Search Google for “Mac Viruses”, smart ass.
I’m at work. I don’t have time to help you along to your disillusionment.
Better yet, call a Mac shop and ask how often they clean viruses.
Consequently, there’s a technician two stations down from me who repairing one of your “infallible” Mac’s.
Up yours!
Excuse me?
My, what a mouth you have on you!
Boucheau, I don't need to google "Mac Viruses." Your ad hominem attack instruction to do so shows me that you are blowing smoke and don't know what you are talking about. I call you on your BS.
I've maintained the Mac Ping list on FreeRepublic for the last six years or so and posted on FR every one of the proposed Proof-of-Concept Mac OS X virus candidates that failed to do what they were supposed to do... I already KNOW exactly what you will find. Aside from about those seven or eight Proof-of-concept viruses and worms—that have never been seen outside of a computer security lab—and approximately 14 Trojan applications in two distinct families that require the interaction of an administrator user to install, that are easy to avoid and remove, the effective number of self-replicating, self-transmitting, self-installing OS X viruses is still ZERO!
There have been attempts to create one, but no viable viruses have been discovered in the wild in the over eight years that OS X has been exposed to hackers.
Better yet, call a Mac shop and ask how often they clean viruses.
So, if these viruses are so prevalent on the Macs you "clean," then it shouldn't be a problem for you to NAME THEM just of the top of your head. C'mon, Boucheau, let's hear them... List them. Tell us, who are Mac experts, exactly how you "clean" these viruses off of these infected Macs.
Tell you what. Here's some help with that:
Are you finding Macs infected with:
Did all of these show up at your shop to be cleaned???
Since you haven't provided any facts, and instead refer me to what can be found on Google, and then, in the same breath, insult me with ad hominem attacks, demonstrating your lack of facts, you obviously don't know any and you are spreading FUD.
In other words, Boucheau, I still don't believe you. I work in the field daily with numerous Macs and NONE of them have ever been infected with a virus. As a test, I ran my personal G5 tower for over two years with all firewalls turned off. No infections. No invasions. Nothing.
Consequently, there’s a technician two stations down from me who repairing one of your “infallible” Mac’s [sic].
Please show me where I have ever said that Macs are infallible? All computer can have hardware failures requiring repair. I even repair Macs... but a lot less frequently than I repair PCs.
By the way, how is that technician working on repairing a Mac a consequence of your previous statements?
Up yours!
My, how mature you are. How erudite. Am I wasting my time on a 13 year old? Must be.
Saying that having an OS with few minor attack points is the same as an OS having thousands of attacks point is what is silly.
> My, how mature you are. How erudite. Am I wasting my time on a 13 year old? Must be.
Nah, he signed up for FR on 2001-10-19. Assuming he was at least 13 -then-, he'd be about 21 now.
But probably still living in his mom's basement. ;-) I wouldn't waste any more time on him.
Back to the topic of the thread, the situation with Win7 may not be as dire as the article claims. There are some scare-tactics going on too. I suspect anything that the anti-virus vendors publish to be self-serving at best and fraudulent at worst.
Shoot, I've seen ads for anti-malware software packages for Unix, Linux, OS-X and others, all of which, if you read the fine-print, are to "protect your Windows clients that connect to your *ix or OS-X server" or "stop the spread of viruses on your network" meaning transmission by email and/or samba shares.
And to be honest, I've thought about it from time to time... I've got both real Windows (2K3) and Unix/Samba shares on my work internal net, along with the Unix/Linux NFS and others, and our software engineers post and distribute Windows .EXE files (utilities and self-installers) on the secure external websites for download by our customers and clients.
But with good anti-virus on every user Window workstation, and a nice tight Cisco firewall at the main gate, most of the job is done at the doorway.
So I guess all the virus-writers are sticking with Windows because it's an easier and more lucrative target (not because it's the biggest one out there, but because it's the weakest one out there).
I do think it's a shame there aren't more motivated virus writers poking at OS-X and BSD Unix. I feel like the Maytag repairman... All the attacks I've seen on my out-facing systems have been user/pass attempts (which drop on the floor since I use only NetBSD and require public-key auth). Boring... ;-)
I never said anything about the same, in fact quite the opposite. “This problem” is malware, everybody has to put up with it to some level or another.
It does, doesn't. I saw this article and also decided it was basically FUD against Windows7 and decided not to be the poster. Once it was posted, I felt duty bound to ping to it, though. Actually, when you think about it, Microsoft should be proud to be the target of FUD from the anti-malware publishers. I think it probably indicates they are doing something right for a change...
Some of us are wading at a level that is just two inches deep... others are trying to wade in depths exceeding 60,000 fathoms. Which wader do you think is more likely to drown.
I couldn’t possibly care less about what you think.
Now, F-off!
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.