Microsoft Points To Security Controls In Addressing Google Exodus Rumor

rated by 0 users
This post has 5 Replies | 0 Followers

Top 10 Contributor
Posts 26,749
Points 1,210,440
Joined: Sep 2007
ForumsAdministrator
News Posted: Sat, Jun 5 2010 11:07 AM
We actually wondered what Microsoft would say if they got wind of Google's plans to phase out Windows machines in favor of Linux and OS Xalternatives, and it looks like our wish has been granted. Microsoftrecently published a response the rumor (which has still not beenconfirmed by Google), and the whole thing feels like Microsoft trying tocut this off before it blows up into something big. Addressing a rumorthat has yet to be confirmed is a pretty big move, and naturally thefocus is on security.

The company points to a number of reports on Microsoft's great securityefforts, presumably in an effort to "set the record straight."Basically, the post links to a number of reports where hackers admitthat Windows security has been enhanced, and one where the topic of Macsbeing attacked by high-risk malware is happening more and more often.Of course, this all just sounds like damage control to us. There's nobegging or pleading for Google to stick with Microsoft, and there's nobashing of Google at all. There's not even an outright mention thatGoogle is the one being pointed at, but when you start the post of with aline like "whether or not one particular company is reducing its use ofWindows," you know exactly who is who.


Here's a list of pointers from Microsoft on why their security istop-notch, but honestly, we're still waiting to hear if any othercompanies are following the lead of Google. It's easy to point out thepositives in order to make light of such a massive decision, but keepingit all together during a mass exodus would be another story entirely.Something tells us the company's grip on the enterprise won't beloosened any day soon though.

Here are some examples of the things we are focused on to help makeour customers more secure:
  • We ship software and security updates to our customers as soon as possible through Windows Update and Microsoft Update to keep our customers safe.
  • We highly recommend our customers enable Automatic Update to ensure they are protected from attacks.
  • With Windows 7, we added improvements to BitLocker for disc encryption (we also introduced BitLocker-to-Go for external USB devices), and added enhancements to the built in Windows Firewall for better protection.
  • Windows 7 has Parental Controls built in that can be combined with Windows Live Family Safety to create a safer experience on the PC for children.
  • Windows 7 comes with Internet Explorer 8 which includes SmartScreen Filter which has proven its success time and time again.
  • And Windows 7 also uses Address Space Layout Randomization (ASLR) as well by randomizing data in memory.

  • | Post Points: 65
Top 10 Contributor
Posts 5,054
Points 60,735
Joined: May 2008
Location: U.S.
Moderator
3vi1 replied on Sat, Jun 5 2010 6:56 PM

I agree Ray.  Sorry for the length of the following... Microsoft's disinformation campaign just turned my knob to crazy-rant-mode.

Let's have a look at their helpful list-o-things that makes Windows security so great:

>> We ship software and security updates to our customers as soon as possible through Windows Update and Microsoft Update to keep our customers safe.

"And our track record is to always be wayyy behind OSX in response time, and eons behind open source." How many known vulnerabilities are there for Firefox at the moment?

By the way, every other OS has this update feature. The one on Linux even updates your third-party *non-OS* apps. After all these years, Microsoft's recommended workaround is still to "only buy Microsoft apps, dummy."

>> We highly recommend our customers enable Automatic Update to ensure they are protected from attacks.

That's not how you do it in a corporate environment, unless you want your Internet to go down on patch Tuesday. Instead, you convince IT to buy the expensive SMS solution and hire a full-time guy to re-package these patches. Or you could use another OS, and just take 5 minutes to configure apt-mirror (or equivalent) as a solution .

>> With Windows 7, we added improvements to BitLocker for disc encryption (we also introduced BitLocker-to-Go for external USB devices), and added enhancements to the built in Windows Firewall for better protection.

You get Bitlocker when you buy Ultimate or Enterprise. You can get equivalent software for free on any other platform. You'll want this too, if locking yourself out of your own drives is a fun Sunday afternoon for you... or if you just want to support TPM so badly - because you feel the need to lead us into a world where you should never be able to run your own non-MS-signed code on a computer without getting security warnings every frickin' time.

>> Windows 7 comes with Internet Explorer 8 which includes SmartScreen Filter which has proven its success time and time again.

And only has 43 known un-patched vulnerabilities. (http://en.wikipedia.org/wiki/Comparison_of_web_browsers#Vulnerabilities) Again, how many does the open source solution have?

>> And Windows 7 also uses Address Space Layout Randomization (ASLR) as well by randomizing data in memory.

Only for executables and dynamic link libraries specifically linked to be ASLR-enabled. :( ASLR is also available in OpenBSD, Linux, and OSX (as of 10.5). Not that those OS's need it, since a virus/trojan will try to inject code tailored to the Windows APIs that doesn't work on those platforms.

>> Windows 7 has Parental Controls built in that can be combined with Windows Live Family Safety to create a safer experience on the PC for children.

And I suppose businesses need this because their employees are children in China? Trust me: If you're like the average parent, then your kids know way more about Windows security than you do. They have this hacking think-tank they go to every day called "School" where they trade info on how to boot a Linux LiveCD and reset your Windows admin password (chntpw). You'll have much better results locking down their activities either by firewalling them at the router, or by (god forbid) actually taking an interest in what they're doing.

So, to sum up...

True or false: You're more likely to get a virus when running Windows vs. any other operating system, no matter what your Windows security settings?

It doesn't really matter why, it just matters that it's true.

Companies don't need games, and therefore don't need Windows.  (Unless of course they're a game company, in which case it should only be on the dev boxes).  Google made a brilliant move.

What part of "Ph'nglui mglw'nafh Cthulhu R'lyeh wgah'nagl fhtagn" don't you understand?

++++++++++++[>++++>+++++++++>+++>+<<<<-]>+++.>++++++++++.-------------.+++.>---.>--.

  • | Post Points: 5
Top 10 Contributor
Posts 4,849
Points 45,900
Joined: Feb 2008
Location: Kennesaw
rapid1 replied on Sun, Jun 6 2010 2:55 AM

Rofl; 3vi1 go off! As far as windows admin passwords on a regular PC I can hack it in about 3 minutes all you have to do it follow the screen prompts to safe mode, then open the user and kill there password. Or you can just boot and hold down alt and rapid press F8/F10 back and forth that usually works then erase the admin password and restart.

ASUS Z87C
i7-4770K
Xonar DGX
Intel Gigabit CT
Geforce GTX 770 4GB
G.Skill X1600/1754 2x8GB 7/8/8/24
  • | Post Points: 20
Top 10 Contributor
Posts 8,771
Points 105,115
Joined: Apr 2009
Location: Shenandoah Valley, Virginia
MembershipAdministrator
Moderator

Years ago, Microsoft was firmly in control and their attitude showed that they knew it. It reflected on the arrogant way that they treated their customers and even corporate clients.

These days there are VIABLE alternatives to everything Microsoft and they're starting to get a little gun-shy about their supposed dominance in their field. They have become a little more responsive and proactive about platform security, but they're playing catch-up to every other software solution out there now. Their response time is still slower than open source platform's when it comes to security breaches and they HOLD solutions to a schedule of releases. (think Tuesday only here) They're beginning to see their own mortality and it doesn't look so good.

I'd like to say that I understand about their huge market share. I know about their wonderful arrangement with manufactures that guarantees Windows 7 will be shipping out with most of the new PC's made this year.

But the American consumer gets just a little smarter all of the time,....we understand that there are now excellent free alternatives to Windows, Office, and Anti-Virus programs,.....and this is bad news for Microsoft, Norton, McAfee, and other overpriced dinosaurs walking the landscape now.

Dogs are great judges of character, and if your dog doesn't like somebody being around, you shouldn't trust them.

  • | Post Points: 5
Top 50 Contributor
Posts 2,932
Points 24,775
Joined: Jul 2001
Location: United States, New York
digitaldd replied on Mon, Jun 7 2010 10:08 AM

rapid1:

Rofl; 3vi1 go off! As far as windows admin passwords on a regular PC I can hack it in about 3 minutes all you have to do it follow the screen prompts to safe mode, then open the user and kill there password. Or you can just boot and hold down alt and rapid press F8/F10 back and forth that usually works then erase the admin password and restart.

Umm yeah physical access can defeat any security measures to any system, not just Windows this holds true for every *nix variant out there as well as most embedded systems.

  • | Post Points: 5
Not Ranked
Posts 40
Points 350
Joined: Mar 2010
Location: Akron, Ohio
Brian replied on Tue, Jun 8 2010 12:59 PM

If someone uses Norton, or McAfee for antivirus good luck to them. Most of us here in the US are Microsoft friendly because we use what we know. Sure linux and Mac have come a long way, but not many people are willing to use command line when the GUI has a problem with a software install.

  • | Post Points: 5
Page 1 of 1 (6 items) | RSS