Basil Chupin wrote:
This is a repost of my response to something which Aaron stated - as an expert on Windows security (amongst other things) - and which he has apparently chosen to totally ignore because it doesn't suit him.
To be kind, however, it could also be a simple matter of him missing reading my message.
Anything is possible in this world.
What would be very nice, from the expert on Windows, and everything else in the universe, is a response on what I asked in my original post dated 12 February 2008 - today is the 18 February - reposted below.
QUOTE
Basil Chupin wrote:
Aaron Kulkis wrote:
James Knott wrote:
[pruned]
I don't think running Windows XP on a desktop securely is rocket science. My parents have pulled off such a feat -- they've never had any security issues, and of the people I know, they are the least computer literate. My brother is now on OS X, but not because of security issues. He just wanted a better computer with a better OS than what his XP-powered Wintel box was.
Do they run as admin or user? Do they have any applications that force them to run as admin?
XP PRO *insists* that someone be an 'assistant Administrator' and the first user who is created after the Admin is assigned Admin rights. The thinking here, it seems to me, is that if the Admin gets run over by a bus then the 'assistant admin' has full access to the OS. That is the way I saw/see it - but I may be wrong.
But being a 'normal' user on XP is really a big pain in the arse because you cannot install any new software, or do some maintenance, unless you have Admin rights. Which is why many home users simply run the OS in Admin user mode - even if they know what this means.
[pruned]
"Security" in Windows comes from patching a sieve.
More specifically, replacing one section of permeable wire mesh with a new section of permeable wire mesh -- BY DESIGN.
The many back-doors in Windows are *NOT* accidental.
Which brings up a very important question requiring an honest answer.
The matter of Windows having deliberate in-built backdoors has been mooted for quite some time.
A number of Windows applications claiming to be Firewalls which not only prevent INBOUND access into the system also claim to prevent *OUTBOUND* unauthorised access to the Internet by applications.
ZoneAlarm, for example, is one such security application. (I won't go into the details of who owns, or is associated with the company which actually owns, ZoneAlarm but it may be indirectly relevant to this topic of "back-doors" in Windows.)
How does, say, such a well-known security firewall application as ZoneAlarm handle the back-door issue which is inbuilt into Windows' applications?
Is ZoneAlarm, and similar, capable of preventing back-door traffic, both inbound and outbound, inbuilt into Windows systems?
About 3 years ago (I have the messages somewhere on file) a person (?programmer) found that ZoneAlarm was "reporting" back to ZA servers about the system they were installed on and ZA, of course, claimed that it was a "coding" glitch; there was a fix (I asked the reporter for "The Inquirer" to publish the 'fix') and the "glitch" was fixed. But, in the real world, what do ZA et alia do to handle the inbuilt back-doors in Windows (put there, I have read, at the request of the American Intelligence Agencies - which is one of the reasons why the Chinese government won't touch Windows with a 10-foot barge pole. And I am *NOT* trying to introduce politics into this discussion!)
There's your answer right there. There's other ways to get information out of a computer other than well-known TCP/IP ports.
My basis for the accusation is simple... Most all of the Windows exploits attack only a couple applications: IE, Outlook, and IIS, and occasionally Office. One would think that with all the bad press it gets, that MS would direct their people to go over that code with a fine-toothed comb, so to speak, and ELIMINATE THE SECURITY WEAKNESSES. But for some Strrrrrrrrrrrrrrrraaaaaaaaaaaaange reason, these applications have never been secured.
I find it incredibly strange that a company with one of the highest revenue streams on the planet, with virtually no costs other than people and publishing costs, is utterly incapable of securing 3 moderately-sized applications. I can come to only 2 mutually-exclusive conclusions:
1. MS is incapable of securing these applications.
2. MS does not want to secure these applications, because doing so would interfere with their business.
#1 is laughable. With the amount of money they have, they can get enough people to review and fix these apps so that they're secure. This leaves only option #2. It's not a question of security expertise, it's simply a matter of deductive LOGIC.
This is not simply a MS related question, and therefore may be considered by some to be OT, but what MS, et alia, is forced to do may also be relevant to what pressures OSs such as openSUSE may be subjected to. Dunno, just asking....
Ciao.
UNQUOTE
Hoping for a reply......
Ciao.