Stop blaming Microsoft for cybersecurity woes
Anyone thinking about cutting security spending to save money during the recession should read a copy of the new Center for Strategic and International Studies (CSIS) report titled "Securing Cyberspace for the 44th President." The report outlines a pattern of persistent attacks for which our vulnerable Internet infrastructure is no match. For those who can't or won't take the time to read this report, try listening to the recently aired cybersecurity discussion on the National Public Radio show On Point.
The message here echoes my somewhat infamous tagline: "information security is far worse than you think," and the situation continues to grow more dire. Each day we add new applications and devices to the global IP infrastructure, making the whole Internet more complex and difficult to secure. The bad guys know this all too well. While we make the infrastructure more insecure, they figure out better ways to exploit these weaknesses.
As the CSIS report indicates, a lot of work must be done quickly to address all of the problems at hand. I humbly submit an additional requirement to the security community: it is time to stop blaming Microsoft for the sorry state of cybersecurity. Now, I realize that this is a rather controversial request, but I think the time has come. Here's why:
1. It's a numbers game. Microsoft's success makes it a target--no other platform has nearly as many systems connected to the Internet. The fact is that if Linux, Macs, or UNIX systems dominated the Internet, they'd be under pervasive attack, too. Would we be better or worse off? Who knows?
2. It's unproductive. I really don't understand what anyone hopes to accomplish by blaming Microsoft. Should governments single out Microsoft for some type of special security threshold? Should Windows systems be kicked off the Internet? There is plenty of blame to go around beyond Microsoft, so singling it out accomplishes nothing.
3. Microsoft is actively addressing past security shortcomings. Think what you will about the security of Microsoft products, but few other companies have done more to improve their software security development, employee training, and testing processes than Microsoft. Microsoft is also taking its Secure Development Lifecycle to others through its SDL Pro Network partners like Security Innovation. In fact, Redmond even contributed to the CSIS report: Microsoft Corporate Vice President of Trustworthy Computing Scott Charney is one of the CSIS co-chairs.
We in the security community can debate the root cause of the problem all day and clearly the topic of Microsoft would come up often. That said, we don't really have time for intellectual banter. Let's agree to disagree on the cause of the problem and focus on channeling our energy into a collective solution--while we still can.
Jon Oltsik is a senior analyst at the Enterprise Strategy Group. He is not an employee of CNET.

Once you crash your brand new car and get it repaired, you'll never look at it the same again. This saying goes for Microsoft.
So how many hours did you spend to install any applications on those 200 machines? Months?
In my office, 2000 machines are patched within 6 hours.
And tell me an OS that doesn't need any patching? Any?
There is only one plausible explanation: tekwiz4u is not a very good admin.
Final, ben, celtic, and sea. I guess I didn't have to explain in detail on the work environment I had to deal with at the time, but it compels me to do so in response to 'childish' name calling. These machines were not in a domain environment, 85 percent of the machines were remote users, and I tried to get approval for a network restructuring plan, which they balked at because it was costly. I couldn't even try to install Microsoft's service packs on the server without going thru 3 incompetent senior admins. I even tried to push WSUS to make it easier to deploy patches to machines. That got held up in red tape. After the fiasco, result ended in the company firing all 3 admins, and me taking over the network and getting approval for my proposal. All the machines are IN a domain now, all of them have policies, remote backups, and secured in an IPSEC VPN environment thru a Cisco Concentrator. And now I can sit back and watch all of them get updated without any intervention.
In my original posting, I was merely stating the fact that Windows does have its flaws, and Microsoft is not putting enough effort in researching and securing their own product, until something blows up. And not a lot of admins have the luxury of having systems update themselves because of budget constraints. If all of you are admins, you SHOULD know this political play. So before all you guys start judging character, ask questions first before jumping the gun.
I understand the fact that companies don't want to hear about IT spending. When it involves big dollars, they cringe. But that does not excuse the fact MS product has flaws. If MS software is ridden with holes, whose fault is that really? Do you blame all admins for not doing enough about it? Do you think it would make more business sense to throw out all WINDOWS computers and replace them with MACS and attempt to install incompatible software? There is no favorability here on what OS works. Sometimes you have to take a step back and look at the whole picture.
"Windows does have its flaws, and Microsoft is not putting enough effort in researching and securing their own product, until something blows up"
Windows, Linux, and Apple have their flaws in the software, as evidenced by the fact they ALL put out patches and on a regular basis. All of them don't know about the flaws until they are discovered, and usually by a 3rd party. Then they release a patch. This isn't something unique to Microsoft; they all do it this way. You are blaming Microsoft for what? Because your company IT sucked? Because their patch policy is the same as everyone else? Get over it.
"Windows, Linux, and Apple have their flaws in the software...."
You just reiterated my sole point I was trying to make, so why are you still harping on a company's responsibility to know these flaws? Don't point the finger at the customer.
Seems like you need to get over it.
There are people who live to bash anything and everything Microsoft, but do not actually have useful ideas or advice on how to deal with the issue. Sure, it's easy to blame Microsoft, but you can't just magically make it all disappear. Deal with what is here, not what is in a fantasy.
Those same people are so fixated in their hatred against Microsoft that they wouldn't be open to any sort of new idea regardless of the source. It's all about bashing Microsoft and nothing else.
I rather expect we'll see rather fine examples of this sort of behavior shortly in the comments here.
Given the complete lack of publicly-accessible copies of Windows source code, how exactly do you propose we remedy that?
"Sure, it's easy to blame Microsoft, but you can't just magically make it all disappear. Deal with what is here, not what is in a fantasy."
IOW, Eat the downtime and live with it. Nice pro-customer attitude you have there, Dan.
"...wouldn't be open to any sort of new idea regardless of the source."
New ideas I have no problems with. Flawed ideas or suggestions based on logical fallacy (or worse, PR-inspired punditry) are worse than worthless - they are counter-productive and may even cause harm to anyone who heeds the advice.
If there was any possible way to misunderstand, misrepresent, and misinterpret my comments, you have failed to do so. :) You did a fantastic job of completely missing the point of both my comment and the entire article. This attempt of yours to spread FUD is just... well, petty. Typical of you, but petty none the less. I would recommend you go back and reread the article and comments with an open mind. I realize this is not something you are known for, but it would be a novel approach for you and one well worth trying at least once in your life.
RE Windows source code: I don't have a ready answer for that, but then again, neither do you. Nobody does right now. You have to look at the overall issue instead of fixating on your obsessive hatred for Microsoft. That is completely blinding you to anything else.
RE Pro-customer attitude: You sir, are right now advocating people live in fantasy instead of dealing with the issue. I would hope you had something constructive to say, but .... no, you focus on your bigotry once again. That is really quite sad.
RE New Ideas : Oh, you have plenty of problems with new ideas. You blasted Microsoft for cooperating with the Open Source sector. You screamed bloody murder about OS Security patches. You actively tell people to not use any sort of AV, firewall, or use any sort of security precautions on Linux or Macintosh systems. Open mind? That's a laugh. You open to new ideas? I find that very hard to believe when anyone only has to read your comments and see that you're even more closed than Apple is.
I am really disappointed in you, Penguinisto. You had the opportunity to be helpful with constructive comments and have an open mind, but instead you resorted to your typically trollish comments.
At least you lived up to your reputation. I have to give you that much. It's not a reputation many people would be proud of, but you're consistent.
Read through his comments and ask yourself, "Is this the sort of person with an open mind? Is this the sort of person who doesn't have a personal agenda? Is this the sort of person that can be trusted to be unbiased and truthful?"
I can't answer that for you. You'll have to read his comments and make that decision yourself. That's all anyone can really do.
Why thank you, I think... (IOW, thanks for saying I represented and interpreted your comments perfectly... though my intention was to point out things you may have missed).
BTW - it's not FUD. The point is simple: you claim that we, the professionals, are somehow to blame for, as you put it, "inaction on our own part in the industry"
Well, okay... I don't know about you, but there's a reason for firewalls, patch programs, mitigation activities, and the like. The only thing I cannot do vis-a-vis Microsoft products is to take direct action by blocking the flaw directly, within the OS. Why? No source code. In Linux, I can recompile unused parts right out of the kernel itself, thereby removing any security risks associated with flaws (potential or actual) in the kernel. I can remove unused modules, daemons, what-have-you... removing completely any and all flaws that are or may be in those components. Overall, this is a proactive way to reduce and remove security threats. It is also something I cannot do with Windows due to its proprietary nature, and I present Internet Explorer as evidence to this fact.
"Deal with what is here" is not something one can avoid, but - I would expect, that as an employee/contractor for Microsoft, you would have at least a more pro-customer attitude, Dan. Also, you miss what comes with that: Downtime. A huge chunk of Windows patches mean one thing in my estimation: Downtime. Sure, it's short downtime - a reboot and some testing, but when we're talking about multi-million-dollar production tools that have to eat literally ~$500/minute in downtime with additional 20-minute-each spool-down and warmup times? That five minutes tends to stretch out to nearly 45 minutes at a bare minimum, and then gets real expensive if something doesn't agree with the patch. (and yeah, I'd love to strangle the guy who embedded an XP workstation into these tools, but hey - I literally, as you say, have to deal with what is here, not with what I would prefer).
You see Dan, unlike the help desk, some of us have to deal with real money when it comes to any downtime at all, and we get to answer questions posed by folks who are more than some inconvenienced administrative assistant who can't get an Excel macro to record.
2. Has the penguin ever heard of the firewall built into windows that will let you pick and choose what ports are and are not available? Has the penguin ever heard of add/remove programs that lets you pick and choose what windows components you wish to use and those you do not (i.e. what components are loaded/not loaded into the kernel)? This gives you the ability to unload modules you don't need and restrict access to only those ports that are providing services. Penguin, stick with linux where you know what you're doing. Stop spouting garbage about what you don't know.
Read through his comments and ask yourself, "Is this the sort of person with an open mind? Is this the sort of person who doesn't have a personal agenda? Is this the sort of person that can be trusted to be unbiased and truthful?"
===================================================
Uh, Dan ... not to put too fine a point on it, but are you sure you want people asking those questions with the blistering attack campaign you've started against Peng?
Come on Dan, you *BOTH* have agendas to push. The fact they are conflicting agendas is the reason you keep butting heads. You're rational enough to understand that Dan, I know it.
I'll explain it again, this time (hopefully) a bit more clearly.
In Linux, I can literally remove parts of the kernel that I do not need. How? By recompiling it, which requires source code. I can rip out (entirely) functionalities that the machine I'm parking that kernel on simply does not need. This in turn gives me greater security (so if there's a flaw in, say, IDE, but I do not have or use IDE and thus compiled-out that functionality), I don't have to worry about it, at all.
You cannot do this in Windows.
Does that help any?
Microsoft is very aware of the concept of attack surface area, which is why Windows 2008 allows you to install the OS with very limited core services. Or is he comparing the current version of Linux to the now 5 year old version of Windows 2003?
I happen to use a 300K source line chunk of open source code, under Windows. I don't find having the source code makes bugs magically vanish, and would MUCH rather have the bugs fixed by the developers who spend all day working on that source code. At times, it would be useful to look at the Windows source code, but I'm totally ok with not having to be responsible for making changes to it. The QA done by Microsoft is just light years more sophisticated than I possibly have resources to do.
I love admins like this, and was the flaw from Microsoft or was it a 3rd party program running on MS where the flaw was opened up? Most of the time this is the case.
Also find another OS maker that fixes flaws faster than MS? OSX, for example, STILL has flaws opened and unfixed for months now. Is Windows flawless no, is there something better? NO. And sorry Linux-heads, I've worked with Unix and VAX since before the internet, its what most of us hacked into and ran pirate boards from !
The biggest flaws are usually 1 of 2 things: 3rd party programs or users ( stupid in= stupid out).
At the same time, I really don't want to see Linux become adapted by the mainstream. So I really don't care that Microsoft holds the dominant market share.
Cheers.
Also find another OS maker that fixes flaws faster than MS? OSX, for example, STILL has flaws opened and unfixed for months now.
==================================================
Funny, didn't M$ recently patch a flaw in winblows that's been lurking in the code for the last 7 years, affecting every single version from w2k through and including fista?
Wanna construct another false argument?
The blue screen of death, and exploits, are two things that Microsoft never fixed since 1995 but promised us they would.
Now it is not Microsoft's fault, that Windows has security holes in them so large that the space shuttle could fly though it?
By the way, if you really don't know what causes blue screen of death, please google it first. And at same time, google kernel panic.
Every copy of Windows shipping today is forced to live with the flaws of NT 4. Fortunately, "The fact is that if Linux, Macs, or UNIX systems dominated the Internet, they'd be under pervasive attack, too. " isn't correct, because if it was, there would never have BEEN an Internet. I swear, some of you folks have very short memories - at one point UNIX and UNIX-alikes (NextSTEP, OPENSTEP, Solaris) were the only machines ON the Internet, and they weren't crippled to the degree that today's Microsoft systems usually are.
It most certainly is their fault.
When there is no car on the planet, it will be lucky to hear of a person struck by a train. Now millions of people have died or been injured in car accidents. So we blame cars? So we build more trains?
Do we really have a real transportation if there is no car? Do we really have an internet if there is no Windows? Please remember, it's not those *nix backbones, it's the networked Windows that created this internet ecosystem.
By the way, if you cannot find a system that doesn't need patching, nothing else makes real sense.
"The blue screen of death, and exploits, are two things that Microsoft never fixed since 1995 but promised us they would." According to who? What is your source for this?
Go read the facts. Microsoft has rebuilt the kernel more than once since 1995 and they have done major improvements in security and reliability. Take your FUD somewhere else.
I swear, some of you folks have very short memories - at one point UNIX and UNIX-alikes (NextSTEP, OPENSTEP, Solaris) were the only machines ON the Internet, and they weren't crippled to the degree that today's Microsoft systems usually are.
=====================================================
Bingo. Thanks for bringing reality back into the conversation.
However, I'm not sure people really blame Microsoft for the fact that hackers exist; rather, I think they blame them that it seems far too easy for loopholes to be found and that Microsoft isn't nearly as speedy as it should be in addressing these issues. If you'll allow me to twist your words, "Microsoft is actively addressing past security shortcomings." The key word here is past- by the time they've fixed said problems, they're already several generations behind the latest security issues.
And for the record, I don't hate Microsoft. I just don't prefer them.
Linux and Unix systems ARE under attack, just not by the same kind of rampantly spreading worms that plague Windows, and that isn't an old problem; there was another one just a few weeks ago. Microsoft is to blame for such things, not because their software has bugs but because they designed it incompetently and in truth haven't done much to fix the situation despite your claims that they have.
Poor Microsoft..........
I ask why is it wrong to blame MS for a systematic neglect of security over most of its life span? It is only in recent years that MS has even started to get serious about it. They made a conscious choice early on to make ease of use more important than security and we are still paying the price for it now. If MS is not to blame for this decision then who is?
Microsoft is the only one who knows what their software actually does, and until the source code is publicly available ... it will still be a security threat to each and every person who runs it. (This logic applies to ALL software that does not allow their software to be compiled from source, including Mac OS X)
This is not open source zealotry, it is simply the truth.
Seriously - when any 13-year-old in Eastern Europe can write a script or rig a webpage to pop a Windows box, but has to really work at it (or pray for unpatched PHP installations) to compromise any other OS installation? When Apache has majority marketshare among web servers (and has since the original ISCA version gave up its marketshare ghost), yet has less exploits around for it? Are you frickin' insane to push that tired old PR-driven argument?
Tell you what - OSX is growing almost exponentially these days. It now has a marketshare large enough that ignoring it would be the height of stupidity - even for a criminal. So where are all the exploits for it? Even proportionally, one would expect that 8% of all exploits out there would be written to target OSX. Instead it's a figure closer to 0.0000000001%.
Re: "Should Windows systems be kicked off the Internet?"
Argumentum ad Absurdum. Most of us would be happier if they'd simply rebuild Windows so that it isn't so drop-easy to compromise once something gets past its outer shell. Un-integrating IE with the OS core would be a damned good start...
Re: "Microsoft is actively addressing past security shortcomings"
No one serious about security is arguing that they're not. The problem lies in how they are going about it, and the lack of results. What they do end up doing is generating bloat, building useless bells and whistles, and in general not sufficiently addressing the serious architectural issues that plague their NT foundation.
http://en.wikipedia.org/wiki/Reductio_ad_absurdum
Microsoft has never known how to do security correctly. This fact is reflected in their hamhanded attempt to make the NT 4 security model more secure by having the user do all the work. Nice job, Redmond - why do the hard stuff like rewriting your OS, ripping out compatibility for the sake of security, when you can just get users to sit there and click dozens of UAC dialogs all day!
Now that you've blasted Microsoft with your bigoted hate speech, how about you actually say what you would do to address the issue instead of just complaining about it? Is that possible? Surprise everyone and try it again with an open mind. It would be refreshing for a change.
How about throwing Windows the same break Peng? Unpatched anything on the internet this day and age is like walking around with your pants down.
BTW, I just removed some ad-ware from my non-techie neighbors' PC that was causing a bunch of pop-ups. They had installed some "free" games that also included the ad-ware. This had nothing to do with patches or security holes. This was something they chose to install. You can't blame Microsoft for my neighbors' stupidity. If that was true I could blame Microsoft for Peng's stupidity too.
Exactly, 'mano.
@ kojacked:
PHP is an app - if it breaks, the worst that happens if I have to fix it is this: I take the site offline, I patch PHP for the customer, find the bad script that allowed the break-in and replace it, then replace any damaged/altered pages with known good ones. A PHP compromise does not require a complete OS rebuild, and never leaves the chroot jail that it's stuck in. An OS compromise OTOH is an insidious PITA that requires a complete re-install, which is usually the case with a Windows compromise. Trust me - it is far faster to clean up a busted website due to bad PHP than it is to rebuild an entire webserver, OS and all - especially remotely.
Therefore, no - I won't cut Windows (or any OS-level compromise) the same break as a mere PHP failure.
Let me lay out where you went wrong: you confuse a contained, permissions-restricted application like PHP (where even Apache isn't touched) with a systemic OS-wide compromise that can burrow deep within Windows itself and cause all kinds of havoc - especially if it is a member of an Active Directory domain (now only an idiot would allow that, but I've had to clean up more than my share of bad "Em See Ess Eee" messes before).
@ Dan: Do not confuse an honest evaluation with "hate speech" - you demean minorities everywhere and their struggle for equality by doing so. If you are continuously unable to address the technical points of what I write, then kindly keep quiet. Thanks in advance.
/P
And I remember all the geeks at the local college hacking their way into unix systems and completely taking them over. To maintain that only Microsoft is hackable is very laughable.
@ Seaspray - nice try at distraction and hand-waving. Now go look up Metasploit, and tell me with a straight face that any 13-year-old couldn't figure out how to use it. QED.
"PHP is an app - if it breaks, the worst that happens if I have to fix it is this". You might want to look back at some of your bashing of Microsoft then. You never seem to differentiate between an app exploit and an OS exploit when it comes to Microsoft products (or third party products running on a Microsoft OS). Keep the spin coming...
Oh and from one of your earlier comments I'm sure the world is full of people who want an OS that they can pull out components and recompile it to make it more secure. What color is the sky in your world? Pink I think.
You neglected to mention it could be used to hack unix/linux and Mac OS X systems as well? Of course you did, you biased, one sided, close minded, MS hating...
The other thing I'd like to point out is the source of all that rampant spam clogging your filters, if not your inbox. The vast majority of that comes from Windows machines acting as bots--or clueless mail administrators who bounce bogus messages back to innocent people.
People need to realize that if they are using Windows and don't have a competent administrator keeping it clean and bot-free, they are part of the problem. The same people who complain about spam may actually be spreading it...
Regular users don't care about infrastructure security bugs. They care about bugs in applications whose names they recognize and use. More popular the system is, more users who are interested. This means the more attention articles on said bugs make. Hence, more attention to the bug finder.
Comparing locked down server installations to widely complex user systems though is comparing apples and oranges. IIS and Apache both have had bugs in them. They are not so different.
Really, though, the article has nothing to do with MS. It is about everything else which isn't being looked at. Applications which don't have extensive white and black box analysis. Vendors who do not train their developers in secure programming practices. And a huge reason is because of these myths and general misunderstandings about vulnerability analysis. This creates huge complacency.
There is another angle here, however. For black hat bug finders, the weakest link is the user. Not just because they have zero security sophistication. But because they are behind the DMZ. The web servers and such tend not to be.
That said, having looked at routers, they tend to be like butter. Custom systems are rarely well secured. Apache is good code, having looked at it, though the web apps developed on it tend to be as insecure as the web apps developed in .Net. Both are like butter.
Companies are not securing their code. Bottomline. MS has had to. What people are seeing when these bug reports come out tend to be bugs found in obscure systems of client side attacks. MS has a huge attack surface there, but even a minor bug in an obscure MS application tends to get a lot of news coverage because it is MS. That pays off for the bug finder.
More systems you add to a *nix system, more it tends to be insecure. If you really think all of those piddly little obscure apps out there are secured and security is a priority, you are wrong. Some developer creates a neat little application with a hundred thousand users or whatever, it generally won't be secured. It takes a lot of time and obscure training to code it securely.
How many infected zombie PCs are connected to the internet that are spewing out spam because they are running old Windows releases with, in all likelihood, out-of-date or no virus protection?
Click on "Update Software"?
Gee, that was tough.
"and basically none of them would understand HOW to upgrade their machine."
Click on "Update Software"?
Gee, that was tough.
=============================================
And with the Ubuntu installation I have at home, virtually unnecessary. It runs automatically for me, like the slaves get with winblows update - only in Ubuntu it updates ALL the software on the machine and not just a handful of apps created by a proprietary vendor.
Maybe jumpjetta should try a Linux install before proving his/her ignorance publicly.
Last month the servers at Chase Bank were hacked.....by an unknown Microsoft flaw....$1.8 Trillion
The Pentagon was hacked....again by an unknown Microsoft flaw.... $400 Billion
Millions of Identities have been compromised...by unknown Microsoft flaws... $200 Billion
Switched my servers to SUSE Linux......PRICELESS
Most of the ridiculous comments here blame them for a lack of support or restructuring effort, yet, like the article specifically states, you give absolutely no feedback as to how it is supposed to be fixed.
Look at it this way - If you were trying to steal data, why would you even try on OSX or Linux based machines? I could compromise 100,000 Windows machines in the time that my e-mail would hit 1 Linux or OSX based machine. It's just not ideal to go only for Linux machines since God only knows if my fake e-mail will actually hit any.
I hate reading comments that state MS is always wrong, always has been, and apparently always will be. Please, make an OS for us that is 100% secure, we are all waiting :-)
Most of them center on casting aside the aging and poorly-built NT core, replacing it with something designed from the start for system/user permissions separation (that actually works), system/user memory separation (which Windows does not have, despite claims to the contrary), and at least a partial ability to perform the equivalent of a chroot jail - without having to literally code one yourself or buy a package to do it. So far they have tried, but judging by the constant failures and rampant malware, they've only managed to bloat the system horrendously for only small gains.
Does that help? Trust me, it's only a start.
And so they go ahead and do that and you'd ***** about driver compatibility. Round and round the Peng does go...
Your logic does not make sense when you argue the biggest company has the biggest target, but they don't need to be any more vigilant.
There is no such thing as security through obscurity but there is security from simplicity because there are less points to exploit.
As far as spyware and malware goes. I get calls all the time from people getting these items. In 12 years I have only ever had one spyware issue and it was my fault. It was caused by no one else.
We have only ourselves to blame if the OS is insecure because we don't take the time to install the tools needed to keep it protected.
Security updates are something that is going to happen no matter what. If Microsoft was to spend time to weed out and fix every bug before release we wouldn't have a new Windows release for at least 10 years.
http://support.apple.com/kb/HT2647
Eg,
BIND
CVE-ID: CVE-2008-1447
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.4, Mac OS X Server v10.5.4
Yes, though more correctly, there are two decent maxims... more complicated a system is, more likely it is to have faults. This is with anything. Even with physical devices.
This is why revolvers are so much more resistant to break down than more complicated pistols, for instance.
There is another factor at play, however, and that is the security and usability trade offs.
Both of these involve the attack surface of the application. A notepad has far less attack surface than a browser. A stripped down OS is going to have less attack surface than a full out, user friendly OS.
However, complexity in systems is inevitable. More complexity means more features for the end user. So, you see a lot of systems which were not so popular rising in popularity because of the increase of these features users like to have. And this will also hasten increases in security bugs.
But we bug finders won't look at systems that have ten thousand or a hundred thousand users for full disclosure, only if someone pays us to. As long as software vendors continue to ignore security in their code, there will remain problems.
Three stories down in the News.com feed: "Redmond issues eight patches that affect Visual Basic 6, Internet Explorer, Word, Excel, Windows Search, SharePoint, and Windows Media Components. "
- by Travis Ernst December 9, 2008 5:34 PM PST
- "1. It's a numbers game. Microsoft's success makes it a target--no other platform has nearly as many systems connected to the Internet. The fact is that if Linux, Macs, or UNIX systems dominated the Internet, they'd be under pervasive attack, too."
- by t8 December 10, 2008 2:08 AM PST
- Um, Linux and Apache is the dominant configuration for web servers. Yes they are targets, but they are inherently more secure.
- by Dalkorian December 10, 2008 11:42 AM PST
- A minor correction Travis, NeXT came AFTER the *classic* Mac OS's. OS X, on the other hand, came after the NeXT acquisition and was a complete rewrite of the "classic" OS, based on the NeXT code.
- by ckurowic December 10, 2008 3:57 PM PST
- Seems to me the author of this craptastic story does need a lesson in history, or basic computing for that matter....
Unix and other versions of it ARE the OS of the servers on the net. They don't use Windows on the servers for security reasons as well as performance. They don't need the machines freezing up a few times a week due to traffic or data streaming through.
RE to the other post, Apple's OS was not based on the NeXT system. NeXT came AFTER the Mac OS if you remember your history.
So yes, OS X is based on the NeXT system.