Do NOT Use...
jmercer
21st July 2009, 04:10 AM
Ok... I currently run a small corporate environment with centralized antivirus and antispyware products. Over the past 30 years, I've used all sorts of products from all sorts of vendors in small to large environments. Some work better than others, but I've always been of the opinion that if you stick with the mainstream, you'll at least do OK.
So much for that fantasy.
About 8 months ago, a product from Sunbelt called "Counterspy" (their flagship antispyware product and original claim to fame) got a "bad signature update" and deleted some critical Windows files on Dell computers only. It took about 3 days of focused effort to recover from that. Tech support was very apologetic, and they got out a 'safe' signature file within hours of this failure. I was very close to dropping the product, but I've seen all the "big boys" screw up systems from time-to-time, and decided that while one error like this was unacceptable, it was - after all - just one error... and the product is pretty well thought of generally. That and an email from their CEO apologizing for the screwup (while promising that their QA would be overhauled to prevent it ever happening again) reassured me a bit.
8 months later, the damned thing did it again - this time to Lenovo laptops. It deleted the disk drivers out of System32\drivers, and then informed the users that "Counterspy has encountered a serious problem. Please reboot your computer."... which resulted in blue screens all over the damned place.
My reaction was predictable, and I was fortunate enough to be able to express my views to the CEO of Sunbelt Software on the phone. :D
Needless to say, that product is no longer installed at my company.
(Footnote: to add insult to injury, I found out later that they had released an "emergency signature fix" because of a just-released signature file that was screwing up various Lenovo laptops in a different way. Turned out that the "fix" update was the one that deleted MY system files. :mad:)
At the same time, I'd been struggling with McAfee Enterprise Orchestrator for about 2 years. Even with the upgrade to its latest "and greatest" release, working with the policies was difficult; scheduling installations and updates was painfully complex, and so forth. Loved the reports, though, and always felt like the product was doing a good job based on that. However, the effort involved in managing the damned thing - and the ongoing issues with remote installs, not to mention the complete lack of useful information when it had problems had irked me to the point where I had been ready to dump it for quite some time.
Given the situation, I decided to go with a relatively inexpensive product by Webroot that covered both spyware and viruses. I'd been using it at home for several years ever since it was able to clean out a virus that Norton was unable to clean, and I've had good luck with it. (Although I understand that others have had issues with it at times.) The only complaint I have is that it - like Norton - tends to bog down machines somewhat while doing scans. I can live with that, though - all my scans happen in the evening after a wake-on-lan call goes out.
So... I installed Webroot Corporate edition on all my computers. I ran into issues on some of them... but found out MOST of the issues by reading the Windows logs. (Not all of them. Turns out that you should be on the latest Java in order to get consistent behavior, a lucky guess on my part.)
I scattered the schedule for scanning over the course of a week... and to my surprise, Webroot found 7 instances of spyware, one instance of malware, and two viruses on systems that had been protected for years by CounterSpy and McAfee. (This does not include "traces" found.) And these were NOT new types of viruses, malware and spyware; they'd been "in the wild" for months. (In one case, years.) Since the deinstallation of the old protection coincided with the installation of the NEW protection, it's not like it "snuck in" during any gap of protection. Further, I can tell you that I'm fanatical about making sure the updates roll out on schedule, so those systems always had the latest updates from both McAfee and SunBelt Software, and the reports indicated they were "deep-scanned" on a regular basis by both products.
As a professional, I can't begin to tell you how angry that makes me - honestly, I feel like there's been a serious violation of trust. Those systems were operating properly, and the products were updated regularly... and scans happened daily. (I have all scans set to the highest possible security level, btw.) Given the age and common nature of the infections, there is NO reasonable excuse for either product to have missed these things.
McAfee A/V and SunBelt CounterSpy?
DO NOT WANT! (Sorry about the rant.)
Bastards. :D
Geezer
21st July 2009, 04:33 AM
Hey, with that happening I feel you are entitled to rant.
One really doesn't need that kinda crap.
Monketey Ghost
21st July 2009, 05:05 AM
I had been using Norton since 2003, when it was good.
Then I got 2009... suuuuuuucked. I just got a virus infection last week for the first time that was bad enough to have to take the hard drives in for "optimization".
The guy replaced Norton with AVG anti-virus (free), and installed Windows Defender, Malware protection, and Spybot.
Feels weird without the big expensive Norton. Hope it all works.
Paul C. Anagnostopoulos
21st July 2009, 05:40 AM
Why is this Counterspy thing deleting files without asking?
I use Kaspersky Internet Security.
~~ Paul
GreNME
21st July 2009, 07:32 AM
Why is this Counterspy thing deleting files without asking?
I use Kaspersky Internet Security.
~~ Paul
Make that two of us with Kaspersky. It has been, as far as enterprise AV goes, a much-improved experience from previous corporate offerings (McAfee & Symantec, mostly). Less expensive than the bigger names, and it gets higher ratings on AV Comparatives.
Lensman
21st July 2009, 10:59 AM
We had a similar problem with a .sig file for Panda Internet Security Platinum 2005 a little while ago, it deleted some system files in some back-office PCs in some of our stores - it took days to sort it out.
I Ratant
21st July 2009, 11:56 AM
I use Webroot Window Washer every evening to clean out the tons of crap that accumulate during the day.
It needs several minutes to get rid of the thousands of files that come in with any Internet activity.
And Norton watches over all of it.
I tried McAfee for a while, but it interfered with some of the graphic programs I use.
Fnord
21st July 2009, 12:27 PM
I've had no trouble with Kaspersky products.
All the rest seem mere homeopathic cures - the customer feels better for having done something, but they serve only to increase the wealth of their makers.
integral
21st July 2009, 12:55 PM
For school & work, I've moved to Linux. Haven't looked back since.
I still run VMware and dual-boot so that I can still run Windows apps and games, but that's becoming rare as time goes on.
laca
21st July 2009, 01:31 PM
Very informative post jmercer, thank you. All I can say is that what happened to you just reaffirms my view of some of the products in question.
logical muse
21st July 2009, 07:57 PM
For school & work, I've moved to Linux. Haven't looked back since.
I'm with you on this one. Haven't had a problem with viruses or malware or anything for years.
Arus808
21st July 2009, 09:45 PM
I'm currently using NOD32 (which I love) and am looking to have it installed on my other computers.
KoihimeNakamura
22nd July 2009, 12:34 AM
I use Avast!
I Ratant
22nd July 2009, 09:47 AM
I had an increasingly irritating problem with my mouse/screen cursor, attributing the reluctance for the cursor to follow the mouse motions as being due to all the crap (processes) stealing processor time.
I'd move the mouse (it's optical) and the cursor might not move at all for a long time!
In frustration, I changed the mouse pad, and the performance improved a lot.
I then washed off the old mouse pad, it was -filthy-!
And cleaned the sensor area on the belly of the mouse, and now the cursor moves like it should.
Just an aside..
Ethan Thane Athen
22nd July 2009, 09:56 AM
For personal PC use, I've always used and recommended F-Prot. Years of trouble free anti-virus protection and I often used it successfully to clean friends' PCs that Norton or McAfee had happily allowed to become infected.
But.... for a period of about 2 months this year, a number of updates started triggering all sorts of false positives on completely innocuous and regularly used files. To be fair, they resolved the issues with further updates quite quickly and have been fine for months since. I guess they can all have a blip.
funk de fino
22nd July 2009, 10:09 AM
I use Avast!
I've recently moved to this from AVG on my lappy and so far so good.
ZirconBlue
22nd July 2009, 11:24 AM
I've recently moved to this from AVG on my lappy and so far so good.
Why did you decide to switch?
NoZed Avenger
22nd July 2009, 11:27 AM
I have used Avast and AVG; I like both.
I also used clamwin for a bit on one machine to try it out and had no problems, but had much less experience with it.
funk de fino
22nd July 2009, 04:17 PM
Why did you decide to switch?
My new laptop has Vista premium and it did not seem to be compatible with AVG, did not dig too deep to find a fix. I had used it for a long time but recently seemed to need more processing share on the other laptop running Vista basic especially when running scans. I tried avast as I had seen it recommended and it seems ok so far if lacking an easy user interface. Seemed to do a thorough scan quicker but I did not accurately measure this.
ZirconBlue
22nd July 2009, 07:06 PM
My new laptop has Vista premium and it did not seem to be compatible with AVG, did not dig too deep to find a fix. I had used it for a long time but recently seemed to need more processing share on the other laptop running Vista basic especially when running scans. I tried avast as I had seen it recommended and it seems ok so far if lacking an easy user interface. Seemed to do a thorough scan quicker but I did not accurately measure this.
Cool. I've been using avast! for a couple of years based on a Consumer Reports recommendation, but I'm always interested in what makes people choose one program over another.
BenBurch
22nd July 2009, 07:21 PM
My best advice is to get Linux or Mac OS X.
Seriously.
Not a single serious virus threat. Only thing you have to worry about are trojan horses, and, well, nobody can really protect you from stupidity.
six7s
22nd July 2009, 11:26 PM
I also used clamwin for a bit on one machine to try it out and had no problems, but had much less experience with it.
I've installed ClamWin on a few dozen stand-alone Windoze machines over the last five or so years (mainly cos (i) it's free - as in lunch and (ii) it works) and have had no problems...
However... as it "does not include an on-access real-time scanner. You need to manually scan a file in order to detect a virus or spyware (http://www.clamwin.com/)", I have a hunch that it might be unsuitable for jmercer's needs: "a small corporate environment with centralized antivirus and antispyware products"
Reeco
23rd July 2009, 03:17 AM
My best advice is to get Linux or Mac OS X.
Seriously.
Not a single serious virus threat. Only thing you have to worry about are trojan horses, and, well, nobody can really protect you from stupidity.
Yeah, that's a totally viable option in a corporate network. "Hey boss, I don't like our AV software, I need every staff member to learn a new O/S".
BenBurch
23rd July 2009, 10:52 AM
Yeah, that's a totally viable option in a corporate network. "Hey boss, I don't like our AV software, I need every staff member to learn a new O/S".
With MS, they learn a totally new OS every few years anyway. And the user interfaces are NOT that different unless you get down to the command-line level.
GreNME
23rd July 2009, 11:39 AM
My best advice is to get Linux or Mac OS X.
Seriously.
Not a single serious virus threat. Only thing you have to worry about are trojan horses, and, well, nobody can really protect you from stupidity.
http://image.grenme.com/fail.jpg
"I had a difficult time finding after-market plugs for my Chevy truck."
"If you want my advice, buy a Ford."
Grizzly Bear
23rd July 2009, 11:50 AM
I use spysweeper for my desktop and laptop computer, but it's been buggy on 64-bit systems by causing the OS to lock up at startup. I waited about 10 months before putting it on my desktop because of that and thankfully the current version works for me. On top of that webroot's always had a good track record in its spyware detection.
Avast is a good complement with its antispyware functionality although I keep webroot to clear out the tracking cookies, and avast! has proven to be a good free antivirus for home use.
COMODO I've had mixed results with because its defense+ on 64-bit machines since February has been problematic. It prevented most of my programs from starting until I completely disabled it, so I use COMODO exclusively as a firewall.
---------------------------------------------------
I haven't used norton really, because I normally uninstall trial versions put on my new computers, but I had McAfee on one of my laptops for a good while. In '07 it actually screwed internet explorer and as a result anything that relied on IE's functionality would give me errors left and right... which is why I finally dropped it.
zerospeaks
23rd July 2009, 11:59 AM
say it with me everyone...
BITDEFENDER! a little pricey and slightly heavy on the CPU usage, but nothing is better.
Aepervius
23rd July 2009, 12:07 PM
Use none. I have yet to be contaminated by any virus or trojan or rootkit whatsoever. The only one I was at risk, came from legit company (for one Sony, for another one the anti cheater program).
six7s
23rd July 2009, 12:39 PM
Use none. I have yet to be contaminated by any virus or trojan or rootkit whatsoever. The only one I was at risk, came from legit company (for one Sony, for another one the anti cheater program).
That's fine for a security-aware individual...
However, as the OP concerns "a small corporate environment", I think that such an approach would probably be unworkable
jmercer
23rd July 2009, 02:51 PM
Why is this Counterspy thing deleting files without asking?
I use Kaspersky Internet Security.
~~ Paul
Sorry for the late reply... it's the default policy for detected rootkits. Unless you change it to something more innocuous, it deletes 'em. But even if it put it in quarantine, it wouldn't have helped - the disk drivers need to be there for a successful boot of Windows...
jmercer
23rd July 2009, 02:52 PM
That's fine for a security-aware individual...
However, as the OP concerns "a small corporate environment", I think that such an approach would probably be unworkable
Quite correct. :)
The majority of my users are ... how shall I put this? Technologically challenged...
Grizzly Bear
23rd July 2009, 03:13 PM
My best advice is to get Linux or Mac OS X.
Seriously.
Not a single serious virus threat. Only thing you have to worry about are trojan horses, and, well, nobody can really protect you from stupidity.
Switching to either unfortunately presents a challenge to many companies because 3 out of 4 applications they use are designed for windows. My architecture studio classes each require us to have a particular set of software and many of the applications I in particular have to use are windows exclusive. And virtualization isn't that viable as a substitute since I don't get the same level of performance. Rhino 3D, autoCAD, Revit Architecture, 3D studio max, and sketchbook pro, in my case are windows exclusive, and needing photoshop to do day to day work in my studio courses prevents me from using linux exclusively (outside of dual booting windows and linux on one computer). But that aside, it's the widespread use of windows based PC's that motivates the wide spread malware for it... if mac OSX and linux gained similar ground in the operating system market then both are likely to encounter similar threats in the future
logical muse
23rd July 2009, 07:30 PM
... it's the widespread use of windows based PC's that motivates the wide spread malware for it... if mac OSX and linux gained similar ground in the operating system market then both are likely to encounter similar threats in the future
That's not entirely correct. Without evidence one way or the other, I'm happy to concede that in general, as an operating system gains popularity it may attract miscreant programmers to write viruses for it. However, there are differences between Windows and Linux that make it extremely improbable that we will ever see "similar threats in the future".
Of these differences, perhaps the main one is that it is trivial in Windows for malware to infect system-wide binaries, and in Linux it is most unlikely. In Linux, if a piece of malware was inadvertently executed, it would have the privileges of the user running it. Unless you were running as root (admin), the malware would be limited to infecting only those binaries that the user had write-access to. In most cases, that would be none.
For this, and many other reasons, Linux is inherently more secure than Windows.
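The claim in the post above, that malware running as an ordinary Linux user can only alter binaries that user can write to, can be checked on a given machine. The following is an added example, not part of any post in this thread: it applies the classic Unix owner/group/other rules to executables in a list of directories. The function names and the temporary demo tree are constructed for illustration, and ACLs, capabilities and read-only mounts are ignored.

```python
import os
import stat
import tempfile


def allowed(st, uid, gids, want):
    """Classic Unix permission check. `want` holds rwx bits in the 'other'
    position (0o2 = write, 0o3 = write + search). Root bypasses the check."""
    if uid == 0:
        return True
    if st.st_uid == uid:
        shift = 6          # owner bits apply, even if group/other are looser
    elif st.st_gid in gids:
        shift = 3
    else:
        shift = 0
    return ((st.st_mode >> shift) & want) == want


def writable_binaries(dirs, uid, gids):
    """List executables under `dirs` that a process running as uid/gids could
    overwrite in place, or replace because it can modify the directory."""
    findings = []
    for d in dirs:
        try:
            dst = os.stat(d)
            names = sorted(os.listdir(d))
        except OSError:
            continue  # missing or unreadable PATH entry
        dir_writable = allowed(dst, uid, gids, 0o3)
        sticky = bool(dst.st_mode & stat.S_ISVTX)
        for name in names:
            path = os.path.join(d, name)
            try:
                st = os.stat(path)  # follows symlinks to the real binary
            except OSError:
                continue
            if not stat.S_ISREG(st.st_mode) or not (st.st_mode & 0o111):
                continue  # only regular files with an execute bit
            if allowed(st, uid, gids, 0o2):
                findings.append((path, "file writable"))
            elif dir_writable and (not sticky or uid in (st.st_uid, dst.st_uid)):
                # Without the sticky bit, write + search on the directory is
                # enough to unlink the binary and drop a new file in its place.
                findings.append((path, "replaceable via directory"))
    return findings


def build_demo_tree(dir_mode=0o755):
    """Constructed sample: a throwaway 'bin' directory with three files."""
    root = tempfile.mkdtemp(prefix="bin-audit-")
    for name, mode in (("tool", 0o755), ("loose", 0o757), ("notes.txt", 0o646)):
        path = os.path.join(root, name)
        with open(path, "w") as fh:
            fh.write("#!/bin/sh\n")
        os.chmod(path, mode)
    os.chmod(root, dir_mode)
    return root


if __name__ == "__main__":
    # Audit the directories on PATH for the account running this script.
    me, groups = os.getuid(), set(os.getgroups()) | {os.getgid()}
    path_dirs = os.environ.get("PATH", "").split(os.pathsep)
    for path, reason in writable_binaries(path_dirs, me, groups):
        print(f"{reason}: {path}")
```

Run as a regular user on a typical install, an empty result is what the post predicts; any line printed is a binary that code running under that account could tamper with.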
logical muse
23rd July 2009, 07:38 PM
http://image.grenme.com/fail.jpg
"I had a difficult time finding after-market plugs for my Chevy truck."
"If you want my advice, buy a Ford."
No. It's more like:
"I bought a car with no locks on the doors, push-button keyless ignition, and a bumper sticker that says 'steal me'. I'm wondering what's the best security solution: A note attached to the windscreen that says 'protected by a Norton' or a piece of sticky tape over the ignition button?"
"Hmm.. My advice? Buy a car with door locks and keyed ignition."
You may not like it, but it's valid advice. It might not be suitable for your environment, and that's fair enough, but it's still valid advice.
BenBurch
23rd July 2009, 09:23 PM
http://image.grenme.com/fail.jpg
"I had a difficult time finding after-market plugs for my Chevy truck."
"If you want my advice, buy a Ford."
No, you keep the hardware. I am just suggesting you change out the ignition system.
BenBurch
23rd July 2009, 09:26 PM
... if mac OSX and linux gained similar ground in the operating system market then both are likely to encounter similar threats in the future
Unlikely.
Windows is defective by design.
Reeco
24th July 2009, 02:04 AM
With MS, they learn a totally new OS every few years anyway. And the user interfaces are NOT that different unless you get down to the command-line level.
No, they don't. My company still runs XP. And the UI's are different enough, and the cost involved high enough, for changing O/S's to address an AV software issue to be a ridiculous proposal.
You seem to feel very strongly about Windows. It's slightly odd if you ask me.
BenBurch
24th July 2009, 04:08 AM
No, they don't. My company still runs XP. And the UI's are different enough, and the cost involved high enough, for changing O/S's to address an AV software issue to be a ridiculous proposal.
You seem to feel very strongly about Windows. It's slightly odd if you ask me.
Comes from having developed device drivers for it since about 1998...
jmercer
24th July 2009, 07:09 AM
Ben, the switch from Windows to (fill in the blank) may make sense from a purely technical perspective, but not from a business perspective. In order for me to propose something like that (and keep my job), I'd have to present a very compelling business argument for it - and I can't. Hate it or love it, Windows is the dominant business desktop environment (and arguably based on the numbers, server environment) out there. I've got no basis for throwing it out - even when I worked at IBM, where I would have been virtually worshiped for finding such a reason. :)
I Ratant
24th July 2009, 10:57 AM
No, they don't. My company still runs XP. And the UI's are different enough, and the cost involved high enough, for changing O/S's to address an AV software issue to be a ridiculous proposal.
You seem to feel very strongly about Windows. It's slightly odd if you ask me.
.
How can anyone with any sense NOT feel strongly about Windoze!
It's crap from A to Z, and it can't get there from here!
But we're stuck with it... those of us financially challenged.
GreNME
24th July 2009, 12:34 PM
No. It's more like:
"I bought a car with no locks on the doors, push-button keyless ignition, and a bumper sticker that says 'steal me'. I'm wondering what's the best security solution: A note attached to the windscreen that says 'protected by a Norton' or a piece of sticky tape over the ignition button?"
"Hmm.. My advice? Buy a car with door locks and keyed ignition."
You may not like it, but it's valid advice. It might not be suitable for your environment, and that's fair enough, but it's still valid advice.
That would be a great analogy... if it had anything to do with what was actually said (or the software in question). But it doesn't, and is just that much more OS WARZ nonsense. The conversation may as well be:
"I sometimes get frustrated by this technology that has become a business standard."
"Well, my advice is to use something that isn't a business standard."
I have no dislike for Macs or Linux, but until the standard changes or widens to include things like AutoCAD (or any other industry standard app) for the Mac or Linux-- and no, "alternatives" don't do me any good because people actually go to school learning these industry standards-- then the practicality of the suggestion is full of fail.
-----
No, you keep the hardware. I am just suggesting you change out the ignition system.
Right. Which, in the case of OS X, is considered software piracy for being against the EULA (must be run on Apple hardware). Add to that the problem of standards, and I hope you see why I'm not rushing to switch out workstation operating systems.
Also, BenBurch and logical muse, if I were going to have users running a Mac or Linux machine as their workstation in a company environment, I'd be taking the exact same measures I do with those running a Windows computer on the network-- antivirus, ACLs, and network access policies-- so it's not like the work being done on the IT (technical) side would be any less, just different. I'm fairly OS agnostic as far as the merits of each, and can enjoy the good of any given system. But I do find the "if you have a problem with 'X', then you should use 'Y'" to be one of the least helpful memes from the platform battles. While I have, in the past, been able to solve problems on Windows by considering what I'd do on Linux, or tracking down an issue on OS X by thinking about what I did on Windows (yes, believe it or not), I don't think I've ever come across a problem so great on any of the platforms that couldn't be addressed on that platform (provided we're not talking about running non-native software). In fact, the only time where I think I've suggested a complete change of platform had to do with my dislike of Blackberries and their ultra-proprietary system (as well as their server/client software that is tantamount to crapware).
BenBurch
24th July 2009, 05:07 PM
Of course you take precautions with any online machine. Sheesh. But the threat level is very low, and the software to deal with it is very benign. Does show up lots and lots of Windows malware in email, however, and of course you don't ever want to FORWARD any of that to someplace it might do damage.
BenBurch
24th July 2009, 05:15 PM
Ben, the switch from Windows to (fill in the blank) may make sense from a purely technical perspective, but not from a business perspective. In order for me to propose something like that (and keep my job), I'd have to present a very compelling business argument for it - and I can't. Hate it or love it, Windows is the dominant business desktop environment (and arguably based on the numbers, server environment) out there. I've got no basis for throwing it out - even when I worked at IBM, where I would have been virtually worshiped for finding such a reason. :)
The case for replacing incrementally, however, can be made. A number of organizations have done this.
Cost overall is very low, especially for Linux, and Open Office and similar tools are as good as, if not better than, the MS equivalents.
On the Mac, of course, MS Office can be used directly, as can all of the Adobe tools, but first cost is higher, and you need to make the case based on lifetime costs of the platform.
One has to look at what really is run in the organization, and examine the replacements on the other platforms, and see if there is a match.
Yes, Windows runs tens of thousands of programs, but if you are like most organizations you run about 20 of them for business purposes, excluding things you run to cure defects in Windows itself.
And I happen to think it is a positive thing if workers cannot find games to run on their work machines.
logical muse
24th July 2009, 06:36 PM
The conversation may as well be:
"I sometimes get frustrated by this technology that has become a business standard."
"Well, my advice is to use something that isn't a business standard."
(my bold)
No. It's not about getting frustrated. People don't "sometimes get frustrated" when their PCs are full of viruses and spyware. I think you'll find that it's a bit more serious than that.
As an example, let's look at the conficker virus. Here are just a few cases that demonstrate something more than frustration.
Ongoing malware problems at the Ministry of Defence have left some officials and service personnel still without desktop computing, a fortnight after infections began. However, the MoD insists that media reports of its email being sent to Russia are untrue.
MoD networks still malware-plagued after two weeks (http://www.theregister.co.uk/2009/01/20/mod_malware_still_going_strong/)
French fighter planes were unable to take off after military computers were infected by a computer virus, an intelligence magazine claims. The aircraft were unable to download their flight plans after databases were infected by a Microsoft virus they had already been warned about several months beforehand.
French fighter planes grounded by computer virus (http://www.telegraph.co.uk/news/worldnews/europe/france/4547649/French-fighter-planes-grounded-by-computer-virus.html)
Staff at hospitals across Sheffield are battling a major computer worm outbreak after managers turned off Windows security updates for all 8,000 PCs on the vital network... The decision to disable automatic security updates was taken during Christmas week after PCs in an operating theatre rebooted mid-surgery.
Conficker seizes city's hospital network (http://www.theregister.co.uk/2009/01/20/sheffield_conficker/)
I have no dislike for Macs or Linux, but until the standard changes or widens to include things like AutoCAD (or any other industry standard app) for the Mac or Linux-- and no, "alternatives" don't do me any good because people actually go to school learning these industry standards-- then the practicality of the suggestion is full of fail.
There are plenty of people reading this forum for whom the suggestion is entirely appropriate. In fact, a search on the internet finds many examples of companies and government agencies migrating from Windows to Linux. As just one example, "PSA Peugeot Citroen, the second-largest automobile manufacturer in Europe, and Novell just signed a multiyear contract allowing the deployment of up to 20,000 Linux desktops plus 2,500 Linux servers from Novell."
PSA Peugeot Citroen Chooses SUSE Linux Enterprise Desktop From Novell (http://www.theautochannel.com/news/2007/01/30/035393.html)
By using language like "full of fail", and including that "fail" pic in your earlier post, you are making this an emotional argument. No one is saying that you should move to Linux. What is being said is that for some people, and some organisations, it's a better choice, and in those cases it virtually eliminates the whole virus/spyware/malware issue.
dtugg
24th July 2009, 06:49 PM
Protecting against malware is easy. In fact, I am starting to believe that anybody whose computer is full of malware is an idiot.
BenBurch
24th July 2009, 06:57 PM
Protecting against malware is easy. In fact, I am starting to believe that anybody whose computer is full of malware is an idiot.
Until some that your virus scanner does not know about bites you...
I have seen it happen, and we are talking in a professional environment where security was a concern, and a virus that came in on a CD from a trusted software vendor.
dtugg
24th July 2009, 07:14 PM
Until some that your virus scanner does not know about bites you...
I have seen it happen, and we are talking in a professional environment where security was a concern, and a virus that came in on a CD from a trusted software vendor.
I don't even think that you need AV software. I am running without any active scanner to test that out. I will be very surprised if I get infected. I wouldn't do this in a corporate environment because one idiot could take down the whole network.
And getting a virus on a CD from a trusted vendor must be so rare that it is hardly worth talking about.
vIQleS
24th July 2009, 07:28 PM
The local council that I work for recently (couple of months ago) got infected.
There's maybe a couple thousand employees - most of whom have a computer.
The IT guys had to shut down every single computer for about a week while they tried to get rid of the viruses. In the end they actually went round the main building and removed all the network cables, because people kept switching their computers on and reinfecting the network.
I have no idea how it happened, or whether the computers were properly protected (and if not, why not), but to this day we're not allowed to use any USB devices in the council computers...
I'm surprised that it happened, and that we're still not allowed to use memory sticks etc, because one of the things they updated when they were fixing the council network, was to install a better virus scanner on the public (learning centre) PCs, which scans every flash drive every time it's inserted. Why they can't / haven't done that on the council machines I have no idea.
I blame the IT dept. :-D
BenBurch
24th July 2009, 09:12 PM
... And getting a virus on a CD from a trusted vendor must be so rare that it is hardly worth talking about.
The consequences almost cost a life.
Harpyja
24th July 2009, 09:27 PM
The consequences almost cost a life.
How so?
voidx
24th July 2009, 11:19 PM
That's not entirely correct. Without evidence one way or the other, I'm happy to concede that in general, as an operating system gains popularity it may attract miscreant programmers to write viruses for it. However, there are differences between Windows and Linux that make it extremely improbable that we will ever see "similar threats in the future".
Of these differences, perhaps the main one is that it is trivial in Windows for malware to infect system-wide binaries, and in Linux it is most unlikely. In Linux, if a piece of malware was inadvertently executed, it would have the privileges of the user running it. Unless you were running as root (admin), the malware would be limited to infecting only those binaries that the user had write-access to. In most cases, that would be none.
For this, and many other reasons, Linux is inherently more secure than Windows.
Ahhh the frustration. This only holds for Windows XP. This is precisely the same way in which Vista works, comments on Linux and other systems obviously being the influence notwithstanding.
The UAC feature that people initially bitched about in Vista and subsequently went to great lengths to disable, is precisely the same feature as root privileges in Linux. The user does not by default have admin rights to system files. When you see that Vista window go grey and bring up the prompt, it's not just a visual cue. It's actually locking the system files out from access until the prompt is clicked (if you have admin rights) or by entering admin credentials (if you are set as a regular user).
So other complaints with Vista aside, normal accounts with default full access to system files is no longer an issue.
GreNME
25th July 2009, 12:51 AM
Of course you take precautions with any online machine. Sheesh. But the threat level is very low, and the software to deal with it is very benign.
Very low right now. But given the results of last year's CanSecWest (OS X cracked quicker than Vista), or incidents like this (http://www.applematters.com/article/microsoft-provides-easy-os-x-security-hack/) or this (http://www.zdnet.com.au/news/security/soa/Mac-OS-X-hacked-under-30-minutes/0,130061744,139241748,00.htm), or the fact that pretty well-known security experts are predicting Safari as the weaker browser (http://www.ostoday.org/os-news-1/00024-031309.shtml) (as opposed to current favorite IE), or many other indicators that perhaps there isn't as much "inherently secure" aspects to Macs and that an under-10% market is more significant a factor in the wild threats that exist currently. A point of note: in the server sphere, you can bet your butt that Linux (web-facing) servers are the ones that are the greater target and have the greater number of available exploits out there in the wild. Most people don't even know of this because they're not the ones who have to keep those systems protected.
But none of that stops the fact that, yes, for home users and those who use the internet on client machines, Windows is the top target out there and the most commonly exploited for various types of malware. There's no denying that. However, with regard to the more accurate and broader aspects of computer security, this impression that Windows has some huge set of flaws that make it inherently less secure than other alternatives is just bunk. About the only real arguably more secure OS than all the rest is BSD, and that has more to do with how the kernel processes run than the OS as a whole.
GreNME
25th July 2009, 01:51 AM
(my bold)
No. It's not about getting frustrated. People don't "sometimes get frustrated" when their PCs are full of viruses and spyware. I think you'll find that it's a bit more serious than that.
As an example, let's look at the conficker virus. Here are just a few cases that demonstrate something more than frustration.
[snip a few links]
Yes, it is frustration. Cherry-picking cases where Windows client computers have had cases of exploits is only an exercise in confirmation bias. Just a few days ago an exploit was released (http://www.h-online.com/security/Root-exploit-for-Linux-kernel-published--/news/113791) that can be used to successfully attack a fully-patched Linux server, and yet you're not going to hear about that rather big news on your local stations or on CNN. The reality that Linux web servers are the largest target of web-facing servers rarely comes up when talking about internet security for computers. Why? Because for most people it's an issue that doesn't even register on their radar. It's never discussed on trendy tech-talk articles or reports on major news stations that OS X or Linux has more disclosed vulnerabilities than Windows (http://www.neowin.net/news/main/09/02/04/os-x-and-linux-are-more-vulnerable-than-windows). Why? Because despite the defenses of appealing to popularity Windows really is the greater target for most users because it's so commonly used by so many people around the world.
So, yeah, it is about being frustrated, because people are easily convinced by "grass is always greener" appeals and the common dislike or distrust that Microsoft has (arguably rightfully) earned over the years.
There are plenty of people reading this forum for whom the suggestion is entirely appropriate. In fact, a search on the internet finds many examples of companies and government agencies migrating from Windows to Linux. As just one example, "PSA Peugeot Citroen, the second-largest automobile manufacturer in Europe, and Novell just signed a multiyear contract allowing the deployment of up to 20,000 Linux desktops plus 2,500 Linux servers from Novell."
PSA Peugeot Citroen Chooses SUSE Linux Enterprise Desktop From Novell (http://www.theautochannel.com/news/2007/01/30/035393.html)
Congratulations to Novell for the contract. You're arguing from the exception here, though. Photoshop, AutoCAD, and a whole host of productivity, CRM, and logistical software out there are industry standards, and most of them are not platform agnostic. People at homes tend to prefer to use what they use at work, usually for consistency's sake. Arguing the exceptions isn't a convincing argument.
By using language like "full of fail", and including that "fail" pic in your earlier post, you are making this an emotional argument. No one is saying that you should move to Linux. What is being said is that for some people, and some organisations, it's a better choice, and in those cases it virtually eliminates the whole virus/spyware/malware issue.
That's simply not true. It was stated that Linux or OS X were safer, and that's a misconception due to reasons I've already stated. Yes, the likelihood is that for at least the first year (or, more likely, few months) that a majority of people switch to a different platform they will encounter little to no problem, but that wouldn't last. If you don't think populating airports or government departments with OS X or Linux workstations won't eventually result in an incident like your other links, then you're fooling yourself. Also, if you think I'm just talking theoretically, then go work for a web hosting data center and keep track of the incidents. For the client-side, all that's required is relying on the same naivete that hooks Windows users-- the habit of clicking through and passing through prompts to get them out of the way that people casually using their computers tend to do. The increase in the number of trojans over the past year for OS X bears this out rather well.
As for the "FAIL" image, that was simple ridicule, not an argument. Calling the other comment "full of fail" was being dismissive. When I make an actual argument, I'm more than happy to explain and back it up.
GreNME
25th July 2009, 02:09 AM
I realize that my last two posts seem very fanboy-ish, but I'd also like to disclose that those two posts (as well as this) were posted on my MacBook Pro, and that over the past six months I was the one who made the decision to put together two Linux file servers at work. I'm a huge fan of DD-WRT (Linux-based firmware replacement for wireless routers), and have not only used it at home but recommended it to others to solve wi-fi issues they were having on applicable equipment.
Computers, computing platforms, and computer software are tools. Understanding the tools and how to use them is part of the job I do. Knowing about the myths of brand affinity doesn't require the experience and skill that I and many others who post here in the same or similar fields have. The "operating system wars" battle is a Coke/Pepsi, Chevy/Ford, tastes-great/less-filling fight. I'm not interested in having that fight. I am, however, contending that the "use something else" statements aren't practical, sensible, or accurate when it comes to addressing security problems. What accurately addresses security problems is learning safer usage of the tools we rely on.
Hokulele
25th July 2009, 02:28 AM
Knowing about the myths of brand affinity doesn't require the experience and skill that I and many others who post here in the same or similar fields have.
Then pick up a real CAD platform.
(Just kidding. Sorta. Depends on your industry.)
BenBurch
25th July 2009, 04:30 AM
"disclosed" vulnerabilities. I'm sure you can see the issue with that claim.
Obscurity is not the same as security.
Plus, how many of those still exist? How quickly were they dealt with? What was the security threat level?
Have to compare similar things, and if you do, you will find that Windows is by far inferior.
BenBurch
25th July 2009, 04:31 AM
How so?
I'm not at liberty to say exactly, but imagine a very dangerous machine that suddenly is not acting correctly.
jmercer
25th July 2009, 07:07 AM
The case for replacing incrementally, however, can be made. A number of organizations have done this.
Cost overall is very low, especially for Linux, and Open Office and similar tools are as good as, if not better than, the MS equivalents.
On the Mac, of course, MS Office can be used directly, as can all of the Adobe tools, but first cost is higher, and you need to make the case based on lifetime costs of the platform.
One has to look at what really is run in the organization, and examine the replacements on the other platforms, and see if there is a match.
Yes, Windows runs tens of thousands of programs, but if you are like most organizations you run about 20 of them for business purposes, excluding things you run to cure defects in Windows itself.
And I happen to think it is a positive thing if workers cannot find games to run on their work machines.
It's not that I disagree with you in principle; however, I do disagree with you as a matter of practicality.
I normally operate at an executive level with mid-sized corporations (several hundred million to a few billion), although my current job is the exception. (I took a job at a smaller company because I wanted a break from corporate nonsense.)
When you operate at that level, you can't suggest radical changes without absolutely compelling reasons... and frankly, technical reasons are not compelling to CEO's and BOD's. The incremental cost difference (even over time) in terms of cost of ownership is a viable argument - however, you can find as many studies arguing for changing out Windows as you can against it. And those against it tend to come from conservative sources, such as the Gartner Group, for example, as well as pundits... and someone at the executive level will cite those studies/opinions, thus undercutting your credibility no matter how carefully you lay the groundwork. Corporations are not really all that interested in change - they're interested in profits and stable operations. They will change in response to a problem, crisis and/or opportunity for increased profitability - but there's a reason that most organizations have neglected their infrastructure (and not just technical infrastructure, either) - it's because in most companies the executives are rewarded for short-term, high-profile success and not long-term planning and/or cost cutting measures that require capital investment first. (Just try to do an ROI that a financial executive will endorse regarding changing out Windows and Office.) Sad, but true.
It's perceived gain vs. perceived risk, and any CIO/VP/Director who cannot make a rock-solid case for radical (costly) change is going to be replaced quite quickly.
Also, incremental replacements are problematic because you end up supporting massive groups of completely different technologies over an extended period of time. That translates into costs as well, in terms of resources, training and usually quality service... none of which is going to make your longevity any more likely, especially as the rank-and-file people start complaining and their productivity suffers during the learning curve. (And they will complain, too. Nobody likes change, and people just want to get their work done, not learn new software, etc.) Change like you're proposing has to literally come from the top of the organization - from the CEO/Board level. Without that kind of commitment, it's doomed no matter how much sense it may make to you or me.
logical muse
25th July 2009, 09:24 AM
Cherry-picking cases where Windows client computers have had cases of exploits is only an exercise in confirmation bias.
Hmm. It's not cherry picking when nearly every case involves Windows. It's not like I had to hunt really hard to find one Windows exploit whilst ignoring an overwhelming number of Linux exploits.
Just a few days ago an exploit was released (http://www.h-online.com/security/Root-exploit-for-Linux-kernel-published--/news/113791) that can be used to successfully attack a fully-patched Linux server, and yet you're not going to hear about that rather big news on your local stations or on CNN.
Hmm. An obscure, difficult-to-exploit exploit that only affects one particular kernel of one particular Linux distribution makes you sound disingenuous when your statement "can be used to successfully attack a fully-patched Linux server" could be read by many people who won't bother to check the source as meaning all Linux servers.
The reality that Linux web servers are the largest target of web-facing servers rarely comes up when talking about internet security for computers.
And yet, despite (according to you, I haven't checked) being such a large target, most large web sites are hosted, securely, on Linux servers.
So, yeah, it is about being frustrated, because people are easily convinced by "grass is always greener" appeals and the common dislike or distrust that Microsoft has (arguably rightfully) earned over the years.
I won't argue there.
Congratulations to Novell for the contract. You're arguing from the exception here, though. Photoshop, AutoCAD, and a whole host of productivity, CRM, and logistical software out there are industry standards, and most of them are not platform agnostic. People at homes tend to prefer to use what they use at work, usually for consistency's sake. Arguing the exceptions isn't a convincing argument.
That was just one example of many.
That's simply not true. It was stated that Linux or OS X were safer, and that's a misconception due to reasons I've already stated.
You haven't shown that it's a misconception.
As for the "FAIL" image, that was simple ridicule, not an argument. Calling the other comment "full of fail" was being dismissive. When I make an actual argument, I'm more than happy to explain and back it up.
Ridiculing and dismissing advice to consider an alternative such as Linux is not helpful. There are many organisations who have heeded such advice, as for example the case I gave in my earlier post. It is not hard to find hundreds of similar cases if you search the internet.
In each case, someone made the suggestion to move from Windows to Linux and it was taken seriously. It might not be suitable for you, for your reasons, but I see no cause for ridicule and dismissal. I'm sure that the organisations around the world that have successfully adopted Linux are glad that when the idea was first mooted it wasn't ridiculed or dismissed.
Disclaimer: I have been a computer programmer for around 30 years or thereabouts. I was developing device drivers for MS-DOS and Windows 1.0, and Xenix and System V and BSD and Linux, as well as other systems programming, and games programming (consoles, DOS, Windows, Linux), and embedded controllers, and COBOL and RPG and various assembly languages and C and so on and so Forth. These days I still do some of that, as well as web development (PHP, MySQL, XML, XHTML, CSS, Javascript, Perl etc).
As a consequence of that, I admit to a wee bias.
eta: On second thoughts, my biography is irrelevant.
ddt
25th July 2009, 10:23 AM
It's never discussed on trendy tech-talk articles or reports on major news stations that OS X or Linux has more disclosed vulnerabilities than Windows (http://www.neowin.net/news/main/09/02/04/os-x-and-linux-are-more-vulnerable-than-windows). Why? Because despite the defenses of appealing to popularity Windows really is the greater target for most users because it's so commonly used by so many people around the world.
I've become very skeptical of such reports. In the past, I've looked into a couple of such news items, and invariably they got to a higher vulnerability count for Linux than for Windows by:
1) adding up the Linux vulnerabilities for all distributions. So one kernel vulnerability would be counted once for RHEL, once for SuSE, once for Debian, etc.
2) comparing whole Linux distributions against a Windows workstation version. So while the occasional Apache vulnerability would be counted (and then 4 or 5 times by virtue of (1)), IIS vulnerabilities would not be counted as IIS was not part of the Windows version they compared it with.
Another thing such reports typically overlook is the window of opportunity. Linux bugs tend to be repaired much and much quicker than Windows bugs.
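The two counting methods ddt describes in points 1) and 2) above, shown as an added example that is not part of any post in this thread. All records are constructed for illustration, the EXAMPLE-nnnn identifiers are placeholders rather than real CVE numbers, and the function names are hypothetical:

```python
from collections import defaultdict

# Constructed advisory records: (product, platform, role, vuln_id).
# Underlying reality in this sample: each platform has 2 kernel bugs and
# 1 web-server bug. Only the way they are published and counted differs.
ADVISORIES = []
for distro in ("RHEL", "SuSE", "Debian"):
    # Every distribution republishes the same upstream issues.
    ADVISORIES += [
        (distro, "Linux", "kernel", "EXAMPLE-0001"),
        (distro, "Linux", "kernel", "EXAMPLE-0002"),
        (distro, "Linux", "web_server", "EXAMPLE-0003"),  # Apache
    ]
ADVISORIES += [
    ("Windows workstation", "Windows", "kernel", "EXAMPLE-0004"),
    ("Windows workstation", "Windows", "kernel", "EXAMPLE-0005"),
    ("IIS (separate product)", "Windows", "web_server", "EXAMPLE-0006"),
]

# Products a report of the kind ddt describes would compare: whole Linux
# distributions against a Windows workstation version without IIS.
REPORT_PRODUCTS = {"RHEL", "SuSE", "Debian", "Windows workstation"}


def naive_counts(rows, products):
    """Count every advisory row per platform (points 1 and 2 combined)."""
    totals = defaultdict(int)
    for product, platform, _role, _vuln_id in rows:
        if product in products:
            totals[platform] += 1
    return dict(totals)


def normalized_counts(rows, roles):
    """Count unique vulnerability ids per platform within the same roles."""
    unique = defaultdict(set)
    for _product, platform, role, vuln_id in rows:
        if role in roles:
            unique[platform].add(vuln_id)
    return {platform: len(ids) for platform, ids in unique.items()}


if __name__ == "__main__":
    print("naive:          ", naive_counts(ADVISORIES, REPORT_PRODUCTS))
    print("kernel only:    ", normalized_counts(ADVISORIES, {"kernel"}))
    print("kernel + httpd: ",
          normalized_counts(ADVISORIES, {"kernel", "web_server"}))
```

On this constructed data the naive method reports 9 against 2, while both like-for-like comparisons come out equal.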
GreNME
25th July 2009, 11:01 AM
Then pick up a real CAD platform.
(Just kidding. Sorta. Depends on your industry.)
Actually, bang-for-buck, what-you-get versus what-you-pay? I totally agree.
voidx
25th July 2009, 11:03 AM
...
Another thing such reports typically overlook is the window of opportunity. Linux bugs tend to be repaired much and much quicker than Windows bugs.
I ask with complete sincerity here. How precisely do we quantify this? Without an in-depth trending of security risks, severity, time to initial discovery, to time of resolution, how can we make concrete statements such as this?
Are the majority of security risks found by benevolent testing, and hence fixed before they can be widely exploited? Or are reports of initial exploits what generally trigger patches and fixes?
If the latter, then is it not possible that Windows, being that much more widely deployed would have its risks laid out that much sooner?
Also the argument in regards to various distributions of Linux and shared or variant kernels being lumped together or separated out unfairly also applies to Windows to a certain extent.
I imagine the vast majority of Windows client vulnerabilities are more prevalent on the Windows XP platform, than they are for Vista. The fact that XP is still prevalently used can be brought down to a long list of factors, but in fairness, it is not the latest Windows product. I for one am under no illusions that despite all other feature arguments, that XP is more secure than Vista.
For that matter, how are vulnerabilities generally lumped together between Windows XP, Vista, Server 2000/2003/2008, between SQL or Exchange or a range of other products and versions all potentially running on other various versions of the OS, SQL 2005 running on Server 2000 vs 2003. It turns into a huge matrix of possibilities, and how do we get an accurate view here?
The main point here is that this is a rather hard issue to track, with a huge amount of variables to consider and take into account. So I think idly tossing out any particular opinion without some strong confidence all these variables have been taken into account is most likely just going to point out our own personal biases.
GreNME
25th July 2009, 11:07 AM
"disclosed" vulnerabilities. I'm sure you can see the issue with that claim.
Obscurity is not the same as security.
Plus, how many of those still exist? How quickly were they dealt with? What was the security threat level?
Have to compare similar things, and if you do, you will find that Windows is by far inferior.
Please take note of the highlighting. I never said otherwise. As a matter of fact, you are the one who made a case based on obscurity, not me. When Windows, OS X, and Linux are put next to each other for experienced people to try to hack, do you know which one gets compromised first? Hint: it ain't Windows (http://www.computerworld.com/s/article/9072959/Mac_easiest_to_hack_says_10_000_winner).
voidx
25th July 2009, 11:17 AM
That being said, it is very strongly my opinion that more often than not opinions and statements over this OS vs that OS tend strongly to come from personal preference and bias than any strong attempt to stay objective and acknowledge one's gaps in knowledge for any potential OS.
GreNME, despite admittedly coming off a little Windows Fanboyish, does hit the nail rather squarely on the head. A real IT Professional tries to remain OS agnostic, while admitting that yes, we all have our bias. It is necessary to recognize the strengths of any particular OS and where it can be best put to use.
It is recognizing the very key difference between importance of OS issues from a personal and individual user level, to a mid-sized or large corporate importance to OS issues. Personal drivers are often different.
Some of the most senior level Windows consultants I know work from a Mac. They recognize the individual benefits of the Mac for helping them work. But they recognize that Windows and Microsoft has a much more mature and existing platform for deploying corporate and business applications.
They use and appreciate both based on their merits. Always being careful to keep their biases in check and to as much as is possible in IT to keep up with the latest news for all platforms, a decidedly daunting task. They are very much willing to have their impressions of an OS or application changed, based on strong feedback from someone that has possibly spent much more time actually using a particular product.
Basically, I think discussions around OS's tend to be in general some of the most non-critically thought out arguments I come across :).
GreNME
25th July 2009, 12:12 PM
Hmm. It's not cherry picking when nearly every case involves Windows. It's not like I had to hunt really hard to find one Windows exploit whilst ignoring an overwhelming number of Linux exploits.
It is cherry-picking when you're not aware of the huge numbers of Linux attacks that occur daily. However, just like with most Windows attacks, the majority of attacks on Linux systems are stopped and cleaned up quickly. The general rule of thumb is that if it is facing the web and it isn't some hardened BSD variant, then it's hackable. Plain and simple.
Hmm. An obscure, difficult-to-exploit exploit that only affects one particular kernel of one particular Linux distribution makes you sound disingenuous when your statement "can be used to successfully attack a fully-patched Linux server" could be read by many people who won't bother to check the source as meaning all Linux servers.
You didn't read the article (or possibly understand it) very well. That exploit wasn't distribution-specific, and the only question when it comes to kernels and cracking them is knowing which kernel the attacker is dealing with (and older is better, but not always necessary).
And yet, despite (according to you, I haven't checked) being such a large target, most large web sites are hosted, securely, on Linux servers.
That's a licensing and ROI issue, as well as an issue of allowing for heavy customization without extra vendor costs, not a security one. You're not going to find many web hosting farms out there using hordes of costly Novell or Red Hat group licenses, for two reasons: 1) they have in-house support, and 2) even if they buy licenses, they are going to heavily modify them anyway and thus not need the more proprietary fees included with the large group licenses. Most of the smaller web farms are using freely-downloadable packages that have been modified to their specifications. That's not an option with Windows or OS X.
Nice "according to you" incredulity use there. Don't just take my word for it, Zone-H (http://www.zone-h.org/news/id/4686) should be a decent third-party source.
Operating System | Year 2005 | Year 2006 | Year 2007
Linux | 276.350 | 446.311 | 306.076
Windows 2003 | 72.377 | 183.953 | 114.137
Windows 2000 | 101.151 | 69.754 | 23.838
Congratulations to Novell for the contract. You're arguing from the exception here, though. Photoshop, AutoCAD, and a whole host of productivity, CRM, and logistical software out there are industry standards, and most of them are not platform agnostic. People at homes tend to prefer to use what they use at work, usually for consistency's sake. Arguing the exceptions isn't a convincing argument.
That was just one example of many.
And it's still arguing from exceptions and not the general rule. The general rule tends toward Linux (and Windows and others) in the back (IT) room, Windows at the workstations. That's not a 'should' or a 'could', it's an 'is'.
That's simply not true. It was stated that Linux or OS X were safer, and that's a misconception due to reasons I've already stated.
You haven't shown that it's a misconception.
I've pointed out the number of security bulletins. I've pointed out the lack of attention paid to the server-side of security, where Linux and Windows often face the same types of problems (with no measurable inherent differences in results). I've pointed out where notable security experts have commented that Windows is indeed not the easiest to hack. You may not be personally convinced, but I have provided backing for my accusation that it's a misconception.
As for the "FAIL" image, that was simple ridicule, not an argument. Calling the other comment "full of fail" was being dismissive. When I make an actual argument, I'm more than happy to explain and back it up.
Ridiculing and dismissing advice to consider an alternative such as Linux is not helpful. There are many organisations who have heeded such advice, as for example the case I gave in my earlier post. It is not hard to find hundreds of similar cases if you search the internet.
I'm not a salesman for Novell or Red Hat, just as I'm not a salesman for Microsoft or Apple. So I have no desire or need for "helping" their causes for more sales. I do have a pet peeve when it comes to brand loyalty, though, because it's a cognitive blind spot that seems to be especially pervasive in the IT industry, which just serves to make my job and the jobs of those like me that much more difficult. If anything, the greatest detriment to computer and network security often tends to be brand loyalty, whether it's undeterred devotion to Microsoft or Apple or Linux distributors or Cisco or Symantec or AutoDesk or Adobe or any of the others. When it comes to platforms for the software to run on, then all else being equal-- by this I mean equally comparable time and budget allotments for hardening and equally competent IT staff-- there are no inherent differences in security between Windows, OS X, and Linux. That isn't to argue that there aren't benefits and detriments outside of security inherent in each-- there most certainly are, I'd agree-- but arguing that security differences are made by the platform one is running is one of the sloppiest, most irresponsible arguments out there in the IT industry and my single largest problem with the "OS war" arguments.
In each case, someone made the suggestion to move from Windows to Linux and it was taken seriously. It might not be suitable for you, for your reasons, but I see no cause for ridicule and dismissal. I'm sure that the organisations around the world that have successfully adopted Linux are glad that when the idea was first mooted it wasn't ridiculed or dismissed.
Hey, good on those for whom it works, but you're not going to see press releases that state "we tried platform X and it turns out the idea was a flop," not on internet sites or on publications. I'm talking about the climate in the IT industry as it is and you're making what is essentially a sales-pitch assertion. They may not seem like sales pitches to you, but considering the examples you're going to be able to find of companies that have made switches are going to be press releases (the one you found was a Novell release) I'm not really inclined to take the reasons they include as objective assessments of what was best for the companies who made the switch. The decision-making process for concluding which tools are most efficient for which environments involves more than what you've been presenting. Much like cold or warm readers rely on focusing on hits and ignoring the misses to present their efficacy, the "OS Wars" arguments involve a whole lot of confirmation bias that is based more on brand loyalty than it is objective assessment of what works best.
Disclaimer: I have been a computer programmer for around 30 years or thereabouts. I was developing device drivers for MS-DOS and Windows 1.0, and Xenix and System V and BSD and Linux, as well as other systems programming, and games programming (consoles, DOS, Windows, Linux), and embedded controllers, and COBOL and RPG and various assembly languages and C and so on and so Forth. These days I still do some of that, as well as web development (PHP, MySQL, XML, XHTML, CSS, Javascript, Perl etc).
As a consequence of that, I admit to a wee bias.
eta: On second thoughts, my biography is irrelevant.
I'm not trying to have a competition on industry experience, I pointed out what I did to make it clear that I'm not advocating Microsoft Windows as being some great catch-all answer to any given situation. I'd be just as critical of arguments along those lines as I am of the "trouble with Windows, just ditch it for something else" suggestions. The OP dealt with antivirus in a company network, and a suggestion was made to use a different platform. However, even with a different platform there would still be a need for antivirus, so the suggestion had nothing to do with providing a suggested solution but instead offered change for an unrealistic expectation-- in the OP, the operating system wasn't the software creating the problem in the first place. This entire sidebar has been a dip into irrelevance because the platform wasn't the problem, the antivirus software was.
So I wasn't challenging your experience, I was pointing out the ridiculousness of suggesting a change to something that wasn't at issue without addressing what was at issue in the first place.
GreNME
25th July 2009, 12:28 PM
I've become very skeptical of such reports. In the past, I've looked into a couple of such news items, and invariably they got to a higher vulnerability count for Linux than for Windows by:
1) adding up the Linux vulnerabilities for all distributions. So one kernel vulnerability would be counted once for RHEL, once for SuSE, once for Debian, etc.
2) comparing whole Linux distributions against a Windows workstation version. So while the occasional Apache vulnerability would be counted (and then 4 or 5 times by virtue of (1)), IIS vulnerabilities would not be counted as IIS was not part of the Windows version they compared it with.
Another thing such reports typically overlook is the window of opportunity. Linux bugs tend to be repaired much and much quicker than Windows bugs.
This is a good distinction to be making, but not for the conclusion I think you're getting at. There really are no appreciable differences between Linux distributions outside of package managers, a few binaries, and some subsystems. Of those three, the latter is probably the biggest deal because exploits to take advantage of one distribution's subsystem won't have much success against another distribution that doesn't have it, but that tends to be the case with most exploits nowadays-- they focus on some application or subsystem as the point of entry and not the core of the OS itself. In that, the proper security response is to keep those things that aren't the core of the OS properly hardened against attack, and we're getting into non-OS issues of IT security instead of any inherent deficiencies within the operating systems themselves. Further, I don't see how a server versus a client distinction is really helpful except to continue to diffuse or distort a rational view of IT security from an industry perspective. After all, whether the exploit is at the client side or the server side, the clients are going to have less risk of losing critical data that is typically stored on the servers, and when a server is hit that affects more people at a single time than when a client is hit. There are different types of reactions for each type of attack, and while the distinction is worth making it doesn't always translate the severity or context of the types of exploits between the two (and, for the most part, the Linux exploits tend to be server-side, unlike Windows ones, which tend to be heavier on the client side).
Ultimately, the point I'm making is not that Microsoft's software is somehow inherently superior-- far from it-- but that the platform itself is not going to be the determining factor when it comes to security. They all have holes and security issues that need addressing by competent staff.
GreNME
25th July 2009, 12:30 PM
That being said, it is very strongly my opinion that more often than not opinions and statements over this OS vs that OS tend strongly to come from personal preference and bias than any strong attempt to stay objective and acknowledge one's gaps in knowledge for any potential OS.
Bingo. No one is at fault for having their own preferences. The only fault I have is when those preferences color the more general, objective takes on the topic of IT security.
tesscaline
25th July 2009, 01:26 PM
Nice "according to you" incredulity use there. Don't just take my word for it, Zone-H (http://www.zone-h.org/news/id/4686) should be a decent third-party source.
Operating System | Year 2005 | Year 2006 | Year 2007
Linux | 276.350 | 446.311 | 306.076
Windows 2003 | 72.377 | 183.953 | 114.137
Windows 2000 | 101.151 | 69.754 | 23.838
Wow... Talk about cherry picking data. And misrepresenting it too! Have you even looked at the other numbers on that page? Do you realize that the numbers you've quoted are worthless without context -- i.e. the context of attempts vs. successes? Not to mention that if you're going to compare the reliability of software platforms, you have to remove all the figures that include attacks based on non-software means (such as access of an admin panel through social engineering).
laca
25th July 2009, 01:34 PM
Some of the most senior level Windows consultants I know work from a Mac. They recognize the individual benefits of the Mac for helping them work. But they recognize that Windows and Microsoft has a much more mature and existing platform for deploying corporate and business applications.
Let's not forget that that has nothing to do with the platform itself and everything to do with the applications out there...
laca
25th July 2009, 03:37 PM
Wow... Talk about cherry picking data. And misrepresenting it too! Have you even looked at the other numbers on that page? Do you realize that the numbers you've quoted are worthless without context -- i.e. the context of attempts vs. successes? Not to mention that if you're going to compare the reliability of software platforms, you have to remove all the figures that include attacks based on non-software means (such as access of an admin panel through social engineering).
Absolutely right... Also, raw numbers are pretty much worthless without market share %...
voidx
25th July 2009, 04:32 PM
Let's not forget that that has nothing to do with the platform itself and everything to do with the applications out there...
How is the platform not closely tied to the applications? The point wasn't that senior level Microsoft consultants are all about Mac's being awesome. It was to represent that they were open to using various technologies to their benefit, regardless if their knowledge of say Microsoft applications being their bread and butter and subject of expertise.
The applications certainly help enable the platform sure. In this case, the personal benefits they enjoy working on the Mac with applications which allow them to either run VM's very seamlessly.
I personally don't use one, but it's not for me thinking they're no good, and rather all a matter of time and money and what I've decided to focus on.
not daSkeptic
25th July 2009, 10:47 PM
How is the platform not closely tied to the applications?
The availability of applications is more a measure of the market than of the technology.
six7s
25th July 2009, 11:59 PM
Protecting against malware is easy. In fact, I am starting to believe that anybody whose computer is full of malware is an idiot.
Perhaps you're right...
Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the Universe trying to produce bigger and better idiots.
So far, the Universe is winning.
Rick Cook
laca
26th July 2009, 05:11 AM
How is the platform not closely tied to the applications?
That is not what I was saying. You said:
Windows and Microsoft has a much more mature and existing platform for deploying corporate and business applications.
And I pointed out that this is incorrect: the platform might be better for deploying corporate and business applications, but that has nothing to do with the maturity of the platform and everything to do with the plethora of corporate and business applications for the platform out there.
GreNME
26th July 2009, 12:36 PM
Wow... Talk about cherry picking data. And misrepresenting it too! Have you even looked at the other numbers on that page? Do you realize that the numbers you've quoted are worthless without context -- i.e. the context of attempts vs. successes? Not to mention that if you're going to compare the reliability of software platforms, you have to remove all the figures that include attacks based on non-software means (such as access of an admin panel through social engineering).
Apparently, you didn't read the data on the page. You seem to not understand the data either, since attempts versus successes would be a non-quantifiable number-- there aren't sources out there that record bulk attempts. Hell, I could give you my own work logs of recognizable attempts and those would number in the thousands alone in a month, so trying to gather those kinds of numbers would result in ridiculous statistics.
As for the different vectors for attacks, some of which are listed on the linked page, you're barking up the wrong tree (or again don't understand what you're looking at in the numbers). Had you instead pointed out that the numbers I used included only defacements and not all successful attacks-- defacements being used because they are the most common and proportional to the total number of known (reported) web server attacks, of which I reported the top three-- you may have displayed a closer understanding of what I linked. Instead, you're dismissing what I posted based on excuses that don't apply to what I'm pointing out, like the subjective "reliability of software" or the incorrect "attempts vs. successes" accusation. All due respect, but your reaction seems to go further into the realm of emotion-based responses that the "OS war" debate tends to be rife with. I'm not arguing that one OS is somehow inherently better than others, I'm rejecting claims being made from ultimately subjective or personally-biased bases.
-----
Absolutely right... Also, raw numbers are pretty much worthless without market share %...
I agree, and one of the reasons I tend to bring servers (particularly web servers) into conversations like this. There's no doubt that Windows clients are among the most heavily exploited client-side machines, and a lot of that does come from the disparity in 'surface area' out there. Similar tenets apply on the server side, though there isn't as much blatant disparity as there is on the client side. On the web server statistics, I believe the numbers are somewhere around Linux having somewhere in the 60% to 70% range, Windows in the 20% to 30% range, and what could be counted as "other" (everything else, including OS X) being somewhere between the 5% to 15% range. Different sources give different numbers, but they're all fairly consistent in that Linux is obviously the dominant presence in the web server market. Meanwhile, Windows tends to hold somewhere in the upper 80's or low 90's in percentage of client (desktop) computers in the market. So, yes, market share does indeed contribute to understanding the numbers in terms of security. In fact, that Zone-H link I gave also comments on this fact: "In the past the most attacked operating system was Windows, but many servers were migrated from Windows to Linux...
Therefore the attacks migrated as well, as Linux is now the most attacked operating system with 1.485.280 defacements against 815.119 in Windows systems (numbers calculated from 2000)."
I'm being completely honest in my criticism, scout's honor. The single most important facet in computer and IT security is not the OS, not by a longshot*. The numbers bear this assessment out. Switching operating systems is not going to inherently make you safer. Attacks follow usage, not operating systems.
* The most important facet is people, specifically competent people, whether IT/IS staff or home/personal users.
laca
26th July 2009, 01:33 PM
I'm being completely honest in my criticism, scout's honor. The single most important facet in computer and IT security is not the OS, not by a longshot*. The numbers bear this assessment out. Switching operating systems is not going to inherently make you safer. Attacks follow usage, not operating systems.
* The most important facet is people, specifically competent people, whether IT/IS staff or home/personal users.
I agree. The biggest IT security threat is and always will be people.
And people who use Linux used to be generally tech-savvier. In my experience, that is. I couldn't say for sure the reason behind this. I'm inclined to believe it's because of the system itself. Because of the way it makes you understand how things work. It could also be because of the general mindset of the average Linux user. Who knows?
With the advent of user-friendly distros like Ubuntu, all the interesting stuff gets tucked away behind the same wizards that people got used to with Windows. So the above argument is slowly fading. Just as Linux gets more market share. Funny, isn't it?
Bottom line: switching the OS won't make you inherently safer. For the desktop it might, but just because there are fewer exploits for non-Windows systems out there. For now. On the server market the best advice is to go with what you know.
not daSkeptic
26th July 2009, 02:02 PM
On the server market the best advice is to go with what you know.
The best advice for whom?
GreNME
26th July 2009, 05:38 PM
The best advice for whom?
He means the typical advice between IT professionals, not starting from scratch or a blank state. The advice is to go with what you know, and if possible test and get to know what you don't (to increase the "what you know" spectrum).
not daSkeptic
26th July 2009, 06:35 PM
He means the typical advice between IT professionals, not starting from scratch or a blank state. The advice is to go with what you know, and if possible test and get to know what you don't (to increase the "what you know" spectrum).
I don't disagree that going with what one knows is good for them, but what about any other parties that may be involved? Is the use of familiar technology always the best choice for all concerned?
BenBurch
26th July 2009, 06:53 PM
He means the typical advice between IT professionals, not starting from scratch or a blank state. The advice is to go with what you know, and if possible test and get to know what you don't (to increase the "what you know" spectrum).
People pay me a lot for my opinion, and that isn't what I tell them.
I tell them that if they must integrate closely with a Windows SQL server or use FrontPage extensions with their sites, that a Windows server is the only way to go, but lacking those requirements LAMP is the industry standard, closely followed by BAMP, and they need to find some absolutely compelling reason not to go with one of those.
GreNME
26th July 2009, 07:13 PM
It really depends on what you're talking about. In certain specific cases, no-- the answer is to find someone who is familiar with the platform or software you need and use them. In other cases, then it's incumbent on the person who is going to be maintaining the technology to have familiarity with it or the ability to familiarize themselves with it quickly-- which usually means literally "going with what you know" in such cases. If there's a business unit who needs a certain software back-end or specific platform-- say a large SAP or Oracle database-- then obviously there's not much rationality in asking them for an opportunity to reinvent the wheel or find some "alternative" to their generic need. However, the same goes on the client machines as well: if MS Office or AutoCAD or Adobe's suite of tools is the standard, then go with them because "alternatives" are going to cost more time and practice for the learning curve.
not daSkeptic
26th July 2009, 08:12 PM
It really depends on what you're talking about. In certain specific cases, no-- the answer is to find someone who is familiar with the platform or software you need and use them. In other cases, then it's incumbent on the person who is going to be maintaining the technology to have familiarity with it or the ability to familiarize themselves with it quickly-- which usually means literally "going with what you know" in such cases. If there's a business unit who needs a certain software back-end or specific platform-- say a large SAP or Oracle database-- then obviously there's not much rationality in asking them for an opportunity to reinvent the wheel or find some "alternative" to their generic need. However, the same goes on the client machines as well: if MS Office or AutoCAD or Adobe's suite of tools is the standard, then go with them because "alternatives" are going to cost more time and practice for the learning curve.
I agree, there are many factors to consider, which is why I was asking to whom it is considered "the best advice."
GreNME
26th July 2009, 10:18 PM
I agree, there are many factors to consider, which is why I was asking to whom it is considered "the best advice."
Right. Which is why I specified the IT professionals. The standard for career growth is to learn more to widen your experience and grow professionally (which should == more bucks), but always follow a foundation. That's not advice for someone who is just starting a company or is just moving into a business leadership position-- there are different common policies, theories, and practices to follow.
GreNME
26th July 2009, 10:29 PM
People pay me a lot for my opinion, and that isn't what I tell them.
"Business" consultant? All due respect, but in the few occasions I've been in a job where my opinion was being paid for, it turned out it wasn't my opinion they needed, but an informed set of information broken down for them in terms they understand. There's no offense intended, it's just that I'm very dubious of the "paid for my opinion" type of attitude, particularly from the perspective of a customer or client. Typically, what's being paid for is expertise, not opinion.
I tell them that if they must integrate closely with a Windows SQL server or use FrontPage extensions with their sites, that a Windows server is the only way to go, but lacking those requirements LAMP is the industry standard, closely followed by BAMP, and they need to find some absolutely compelling reason not to go with one of those.
Hey, that's great. Good for you.
not daSkeptic
26th July 2009, 10:35 PM
The standard for career growth is to learn more to widen your experience and grow professionally (which should == more bucks), but always follow a foundation.
Learning and growing are fine, but within reason. One should not expect an employer to give them a job for which they are not qualified under the assumption they'll just pick it up along the way.
laca
27th July 2009, 02:15 AM
The best advice for whom?
The best advice for an IT professional who is about to design a system from the ground up.
GreNME
27th July 2009, 07:40 AM
Learning and growing are fine, but within reason. One should not expect an employer to give them a job for which they are not qualified under the assumption they'll just pick it up along the way.
Of course not, but isn't that kind of a different discussion?
not daSkeptic
27th July 2009, 02:33 PM
Of course not, but isn't that kind of a different discussion?
The overall point is that there is more to consider than the needs and aspirations of the employee. What is best for the IT worker may in fact be the worst for others. To say the best advice is to go with what one knows, without qualifying it, comes across as rather naive.
GreNME
28th July 2009, 12:41 PM
The overall point is that there is more to consider than the needs and aspirations of the employee. What is best for the IT worker may in fact be the worst for others. To say the best advice is to go with what one knows, without qualifying it, comes across as rather naive.
I think you're taking literalism to the extreme in your assessment.
BenBurch
28th July 2009, 07:08 PM
"Business" consultant?
Software engineering consultant.
Everything from web sites to nuclear power stations.
I do white papers.
I do presentations.
I engineer solutions.
I implement solutions.
I fix the shoddy work of others.
I even write custom operating systems (and have a number of times) for applications that require them.
Reeco
29th July 2009, 02:44 AM
Software engineering consultant.
Everything from web sites to nuclear power stations.
I do white papers.
I do presentations.
I engineer solutions.
I implement solutions.
I fix the shoddy work of others.
I even write custom operating systems (and have a number of times) for applications that require them.
And yet, in a thread about AV solutions in a corporate Windows network, you suggested "get Linux or Mac OS X. Seriously". Do you make similar suggestions to all of your Windows-using clients? Or do you just avoid dealing with them in the first place?
Reeco
29th July 2009, 02:46 AM
How can anyone with any sense NOT feel strongly about Windoze!
It's crap from A to Z, and it can't there from here!
But we're stuck with it... those of us financially challenged.
I don't feel strongly about any software.
GreNME
29th July 2009, 08:18 AM
Software engineering consultant.
Then I stand by what I said. Whether you feel the same way or instead feel that it really is your opinion you're being paid for is entirely up to you. I have no desire to tell you how to do your job.
I fix the shoddy work of others.
Don't we all? If I had a penny for each time I've either said it myself or had someone else say it to me about their work in IT, I'd have at least $100 by now. The down side is that it would all be in pennies.
BenBurch
29th July 2009, 05:39 PM
And yet, in a thread about AV solutions in a corporate Windows network, you suggested "get Linux or Mac OS X. Seriously". Do you make similar suggestions to all of your Windows-using clients? Or do you just avoid dealing with them in the first place?
In my sector, it's whether you use Solaris or BSD, but I have placed quite a number of OSX Macs into those environments replacing Windows machines that just did not integrate well. OSX is at its core BSD Unix on top of a Mach kernel, and most major packages have been ported and X-windows works natively. And the malware issue disappeared for those clients.
Corpse Cruncher
30th July 2009, 02:27 AM
I had AVG, then kept getting the update issues so switched to Bullguard. Bullguard had an extended free trial on it so I thought give it a go. I tried Norton and could not get on with it. Kaspersky looked too technical for me. I like AVG for its ease of use and quiet background. Now having to use Vista, everything it seems is incompatible.
© 2001-2009, James Randi Educational Foundation. All Rights Reserved.