digg

Facebook Connect Join Digg About

Windows Vista no more secure than XP: report

arstechnica.com A new report blasts Vista, saying that it's "equally at peril" compared to Windows XP. The report is instructive, but also contains some considerable flaws that show the difficulty of assessing Vista's new security architecture.

Who dugg this? Made popular May 31, 2007

Digg DudeWhat is Digg?

Digg is a place for people to discover and share content from anywhere on the web. Digg surfaces the best stuff as submitted and voted on by the community. Take the Tour to learn more.

92 Comments

show profanity settings
expand all
  • flag564, on 10/11/2007, -14/+109Oddly enough there was a study not that long ago that said the opposite, and that it was safer than Macs.

    So what does that tell you?

    That none of these clowns know what they are talking about, and it is up to you to be a smart computer users no matter what you use.
  • screamthenrun, on 10/11/2007, -11/+70Thats too bad considering my XP machine hasn't had any problems/viruses... etc. all you need is some knowledge of computers and some good virus software

    (and yes... i use linux too)
  • desistere, on 10/11/2007, -3/+38Umm.. I'm confused. Has anyone RTFA?

    "In all, the CRN report finds that Vista was as good as XP in seven categories and better in four others (notably, Spyware/Adware, Obfuscated Code Exploits, RDS Exploits, and Trojans). Importantly, it was never outperformed by XP, and just as importantly, these tests were carried out using default settings."

    Not only that, the whole article catalogues the biased nature of the study (against Vista).

    "Indeed, while the CRN report is informative, it lacks much critical information to support its judgment that Vista is only a minor improvement."

    "CRN doesn't report on the effects it observed."

    "CRN doesn't tell the whole story with such exploits, however."

    "CRN's coverage complete ignores this point and fails to test for its effectiveness. "

    "It was also disappointing to see CRN completely ignore the issue of buffer overflows, which has been addressed well in Vista by most accounts."
  • kheldorin, on 10/11/2007, -2/+34Yeah the article is more about critizing CRN for their poor analysis of Vista rather than actual analysis of Vista's security system.
  • gcnaddict, on 10/11/2007, -11/+34What did they do, turn off UAC?

    I wouldn't be surprised if CRN was funded by, say, Symantec. Buried as speculatory inaccuracy.
  • ccaazz, on 10/11/2007, -15/+38next article title: "bear did ***** in woods : report"

    also your article is flawed, as it doesnt try and enable any of the advanced security settings that can be set in vista to make it more secure?
  • Anrkist, on 10/11/2007, -11/+32"equally at peril" - If people only realized it's the avg, unassuming computer user who is in peril. People who know how to use their system can secure it just fine. These are the same people who will never use Linux.. and may eventualy switch to Mac because Windows is "To confusing".
  • Burritoking924, on 10/11/2007, -11/+29@flag564

    I'm with you.

    http://digg.com/microsoft/Hell_freezes_Windows_listed_as_most_secure_OS

    http://www.internetnews.com/security/article.php/3667201
  • inactive, on 10/11/2007, -7/+22Yes I have tried Ubuntu. I prefer Windows. If I had MUCH more free time, the chances that I would use Ubuntu, or linux in general, would be far greater.

    Linux enthusiast ask "Why not switch?" and all of the Windows users, who don't experience crashes, who can run any program they wish to, who are already familiar with the operating system, ask "Why switch?".

    You have to be computer illiterate in order to have a windows system which crashes, which has adware / viruses and you would have to be silly to even pay for it. :) So, to me, I just don't see the necessity or advantage of switching to the beloved Ubuntu except in very few circumstances.
  • xed122333, on 10/11/2007, -2/+15Horribly misleading title, from the title it sounds like the author has a negative view on Vista's security, when at the end of the article the author admits Vista is more secure than XP. He spends most of his time criticizing some one else's report on Vista security.
  • inactive, on 10/11/2007, -5/+12If you're going to spam a website address, at least try to counter it with a decent comment.
  • Spuy767, on 10/11/2007, -6/+13The simple fact is that 95% of computer users are not people who know how to manage a computer properly. They're the people who blindly download a file that the virus on grandma's computer sent them that they think is a picture of a cute kitten licking its ***** but is actually a trojan or virus that steals personal info and/or generally pwns their machine. IT people like me and others on this board will never really have a virus problem, normal people will, until they consciously make a choice to change operating systems.
  • mbthompson, on 10/11/2007, -1/+7The most important part of the article is:

    "Indeed, while the CRN report is informative, it lacks much critical information to support its judgment that Vista is only a minor improvement. For instance, it's not enough to know if an exploit "got through" IE. What happened afterward? Did it modify system files, corrupt the registry, or deliver some other payload? CRN doesn't report on the effects it observed. We cannot know if the scripting exploits really bypassed Vista because CRN doesn't tell us what the scripts did. There's a big difference between 1) a script exploit running and then installing a rootkit in XP and 2) a script exploit running in Vista but failing at installing that same rootkit. CRN makes no distinction."

    Basically the study is flawed and does not provide enough information to back up what it claims. In other words, nothing to see here, move along until someone does it right.
  • Hedegaard, on 10/11/2007, -1/+6How many windows users or computer users in general need to bridge connections? The problem with the "just click and bridge" in windows is that it has next to no flexibility (and it not that easy to troubleshoot when it doesn't work). In Linux you have complete control over what happens with your network, it will work exactly as you want it to. Actually that's the reason for me to use Linux - the aspect of complete control. For most everyday usage Linux is ready, for advanced use it's more than ready.

    But I'm not digging you down - you do have some valid points and there are always more than one side to an argument.
  • inactive, on 10/11/2007, -1/+6marginal security advantages over XP" according to tests completed by CRN

    Really far as i'm concerned marginal security is better than anything Xp could give me..Seems playing with words makes this guy feel smart.

    Gee must be the cup is half full or half empty dilemma........please all this is Hog wash

    I have been running Vista Ultimate since i was gifted with a the special Edition Bill Gates signed Copy of Ultimate Vista copy ..And i have had no problem running it 24/7 on websites, Data research, Blogging, watching and reordering TV shows with Vista Media, using it as an extender over Wi-Fi with my Xbox 360 console. Burner movies and games. VOIP...You name it. I have taken liberties to hook mine up to a router ( wireless ) also my Web provider is hooker to a wireless router.....So to me security is not even an issue...................

    I'm only running on 1 gig of ram -Pc 3200, Intel Pentium 4 2.8 with hyper threading , a MCE5000 card and an HD tuner card, and a Nvidia 7950 GS over clocked BFG Graphics Card...........Great for Gaming until i get Sappire's new Direct X 10 AGP card :)

    I have been living on cloud 9 ( i used to have Windows Media Center Sp2 )since getting Vista Ultimate , so no i have had no issues whatsoever
  • PixelVision, on 10/11/2007, -1/+5exactly. It's like not using seatbelts, then comparing it to a car with no seatbelts and saying it's the same.
  • diablozx9, on 10/11/2007, -7/+11Have you tried Linux recently ????
    All Linux fans have tried Windows...
  • diggduggjoe, on 10/11/2007, -1/+4I will assume that the UAC will be disabled. Even I find most firewalls to be irritating. I discovered having a limited user for web browsing to be far more empowering. I just dump the user folder when it gets too hot. However, the limited user seems more of a logical definition than a strong lockbox that the *nixs have created. Far too many users are admin level when accessing the Internet. That is insane. I just cleaned a malware infected box due to that specific problem.

    The fact is Windows is a single user OS that is trying to use the registry and a set of logic to figure out which user you are and act accordingly. Too much software croaks on single user mode directly due to the legacy of DOS. This is improving, but even a single app will steer a user to administrator mode.

    Unix variants simply make your login the parent and everything else you do is limited. Most software is designed for such systems and fully understand the standard users' limitations and seldom will you find yourself cursing that you are not root/administrator.

    That is the issue in a nutshell. The average standard generic everyman on a *nix box will have nearly 100% of their apps work. On Windows, some proprietary app critical to the operation of the business will require admin rights. I will admit that some of those are legacy apps, but that is specifically the problem. *nix legacy apps are multi-user while many Windows apps are not.
  • tnoy, on 10/11/2007, -2/+5I'm a windows user.

    I, like many other windows users, are aware of the problems with Windows, that Linux is free, that Linux is more secure, etc, etc, etc. A lot of use just dont give a *****. I switched to Linux for about a year and a half, and while it was able to do most everything I needed, there were still a lot of comprimises that I had to make. Hardware that was unsupported, games that I could not play, software that I already had and was familiar with that I could not use.

    I have *NO* problems with XP or Vista; I've never gotten a virus or a malware infestation. I've only had a few bluescreens with XP and none so far with Vista. The bluescreens I did have with XP were due to a hardware failure, which went away when replaced. It caused Linux to halt, too.

    I'm not afraid of Linux, I just dont have a reason to switch. There are many things about Linux that I like better, but as a desktop it only does about 90% of what I want. Windows does 100%. Why should I settle for less?

    Why are Linux users so afraid of Windows users not having a reason to switch to Linux?
  • wageslaven, on 10/11/2007, -1/+4This is digg. The article matters not. Put something up that the digg-bots conformity agrees with, and voila -- front page you go!

    Here's a couple tips for getting a post on the front: Anti-MS gets you straight to frong. Pro Nintendo & Apple language, straight to the top. For politics, its Ron Paul and Libertarainism.
  • Conservationist, on 10/11/2007, -2/+5No operating system is secure. Too many lines of code. But the real question is who's going to educate Windows and Mac users (who normally aren't all that interested in learning about their machines; they just want 'em to work) about good security practices? That's the real question, because if we don't educate them, the botnets will continue... and so will the spam.
  • PueSi, on 10/11/2007, -4/+7Ubuntu might be more secure, more stable i don't thinks so because my windows installation is as stable as it gets unless there's something more stable than not crashing ever. Most if not all of the BSOD (which are extremely rare nowadays) are because of a faulty piece of hardware (bad ram) or ***** drivers.And i don't have to restart over and over only when you install certain drivers which is not something you do everyday not even every month.

    Also, security is important but it's not the only thing that's important, i personally like the Windows interface better, i don't like to use weird commands that i don't understand just to be able to see the desktop. I know it's faster but it's not intuitive, you have to know exactly how to do it. Using a more graphical approach you can click around until you find the way.
    I'll give an example, on the network manager that comes with Ubuntu you can't bridge connections just by clicking, you have to do some weird code thing (that's what i ended doing) instead of the just selecting the connections you want to bridge and clicking "Bridge Connections".
    You have to understand that just because you like it more does not mean that everybody does.
    Windows is going to be No. 1 for quite some time because Linux needs to change their approach if they want to be truly noob friendly and OSX runs only on Macs.

    Now you can digg me down all you want.
  • ruz322, on 10/11/2007, -0/+3@flag
    That article is also not comparing Windows security features to the features of linux:

    said in its latest research report that when it comes to widely-used operating systems, Microsoft is doing better overall than its leading commercial competitors.

    Linux does not qualify for "Widely-used" or "commercial so therefore that article is not valid. Please give me one decent article or educated post that declares that Windows is more secure than open-source and I'll accept your viewpoint.
  • bossfrog, on 10/11/2007, -2/+5You know, the whole thing about ***** Windows security puzzles me. My computer has been perfectly fine ever since XP SP1. The only thing I run is the firewall in my router. I've never had a virus and only occasional spyware, which is not an OS security issue and is easily remedied.
  • wageslaven, on 10/11/2007, -2/+4"Badmouthing Microsoft is the tech community's favorite pastime. "

    No. Badmouthing MS is what ignorant mouth breathing know-nothings do on the interweb. If you've got a ***** clue, you dont run off at the mouth with the same tired tropes over and over and over and over again.

    "MS is tha suxors" isnt what the "tech community" bothers writing Im sure. The Technology Industry doesnt keep MS the most valueable Technology Company on the planet because they "suxors".

    If I want advice about technology, I can promise, I dont come to digg -- no other sane person should either.
  • Wang, on 10/11/2007, -1/+3If you don't use any of the new security features, then of course you will have the same types of risk that you faced on XP. Enable the new features...that's what they are there for....
  • MioTheGreat, on 10/11/2007, -1/+3"You can see this easily when comparing Apache to IIS. The former has the majority market share but the latter is exploited the most. "

    It should be noted that there have been about 3 IIS6 exploits (Maybe one critical) in the last 4 years, and no IIS7 exploits since Vista's launch.
  • conna, on 10/11/2007, -1/+3To the average idiot this report will convince them that they need to go buy Norton......
    It would not surprise me any if this propaganda was sponsored by a security company.
  • inactive, on 10/11/2007, -15/+17Nice try Apple fags. You have two way more intelligent users who (thankfully) have rebutted your article after that I'm sure you only posted because its been a day of seeing how garbage Apple really is.
  • Bossman1086, on 10/11/2007, -1/+3The only way I could see this being true is if they turned off UAC. If you do that, well, you deserve what you get.
  • Penta5, on 10/11/2007, -0/+2To quote the aarticle: "Any business that is deploying Vista (or XP) without an antivirus solution is, of course, out of its mind." Apple has been doing just that since its inception. I have been online with a Mac since 1989, never had virus protection and have never experienced a virus; never!
  • mbthompson, on 10/11/2007, -2/+4Um, I'm a Windows (Vista, XP, 98, 3.11) user, and I have Ubuntu Feisty Fawn installed on a laptop downstairs and don't plan on changing it. So uh, yeah, you're wrong.
  • adolfojp, on 10/11/2007, -2/+4@cynicist (#6950309)

    OS 9's security was a joke. This also applies to previous versions of that operating system. Can you explain why, other than low market penetration, there were almost no attacks directed at that computational platform?
  • Inqu, on 10/11/2007, -2/+4Welcome to the wonderful world of Digg, where titles are nothing more than a means of whipping haters/fanboys into a frenzy.
  • inactive, on 10/11/2007, -1/+2I just upgraded to Vista the other day, not by choice, I couldnt get past the activation with the copy I had, but I am so far pretty content with it, I tried it before, lasted for 2 days before back to XP, but i'll currently stick with Vista, plus dx10.
  • skyscape, on 10/11/2007, -2/+3Can you freaks stop posting these useless topics. No one cares. It's not like everyone is a stubborn ass keeping old technology. XP is done, it over, its useless, quit trying to always brining it up to surface.
  • inactive, on 10/11/2007, -1/+2Because you installed a POS application. Install AVG Free etc.
  • Inqu, on 10/11/2007, -1/+2@fallenomen

    If you had read past the first line and not taken it out of context, you would have seen that he wasn't touting Linux at all.
  • cynicist, on 10/11/2007, -0/+1@ adolfojp

    I didn't say low market penetration wasn't a factor... Heres a question for you though. Do you think if OSX had the same market share as Windows XP enjoys right now it would have just as many if not more exploits made for it?

    @ MioTheGreat

    I guess it should also be noted that apache hasn't had a significant exploit in years.
  • chieferer, on 10/11/2007, -5/+6@specialk

    "It is irrelevant what people knows or what they do with their computers"

    Actually, i beg to differ. I am relatively tech savvy and i have had 1, maybe 2 moderate-serious infections in the past ~2 years. My sister, on the other hand, has no knowledge about computers and has had more infections than I can count.

    "especially considering Microsoft, that makes the most used OS in the world"

    Which right off the bat makes it more prone to viruses. Mac and Linux are most likely inherently more secure than Windows. I use most likely because we will never know for sure until they have received the same amount of usage as Windows. I also use the word inherently because Windows can be very secure if you know what you are doing. Who knows - maybe viruses and such can be coded for Linux and Mac just as easily, but no one has put in the effort because you would infect virtually no Linux systems (anyone capable of running Linux is capable of knowing what not to do) and very few Macs (for the simple reason that there are very few).

    - I don't get where you were going with your comment...
  • XaeroVincent, on 10/11/2007, -0/+1Windows Vista is more secure than XP. It has Mandatory Access Control, ASLR, heap protection, NX, protected kernel access, etc. Only some Linux distributions have these and more: RedHat and Fedora. Distributions like Ubuntu have nothing like this included out-of-the-box and neither does XP.
  • Scourge, on 10/11/2007, -0/+1Command and Conquer 3 runs perfect with wine other than a few shader problems...
    http://appdb.winehq.org/appview.php?iVersionId=7440
  • stockjones, on 10/11/2007, -1/+2Put anything in the hands of general users who may not be the most savy about using their computers and they'll eventually gunk it up. Dont all of you remember when Firefox was new and everyone claimed how it was impenetrable to security exploits etc. Now that its grown in popularity it deals with all the same issues and more. The same would happen to linux if say you had a 95% user base on the desktop. Our $250,000 Unix server is more secure, but its sitting in a tempature controlled computer room, cut off from the internet, very restricted user interface to data on it and it sits only on the local network. Gee go figure.
  • justnick, on 10/11/2007, -2/+3cool, can you tell me how to run need for speed carbon with wine? No. How bout command and conquer 3? No.

    I use Linux as my main OS but keep windows around for gaming and other windows only stuff. I love Linux and WiNE is great but it is not an end all solution for everything. Don't be a jackass.
  • Theli, on 10/11/2007, -0/+1@flag564
    "http://digg.com/microsoft/Hell_freezes_Windows_listed_as_most_secure_OS"

    Just to reiterate a point made in the comments following that particular article...
    The article never listed Windows as the most secure operating system. It only said that Microsoft fixes vulnerabilities sooner after their discovery. It's quite a stretch going from that to "Windows listed as most secure OS".
  • Spr0k3t, on 10/11/2007, -2/+3Buried for signature spam.
  • nreisan, on 10/11/2007, -2/+3why dont many more advanced users of vista/xp switch to ubuntu/insert favourite linux distro/osx?

    here is what i think, we dont get virus's, we don't get adaware, we dont get spyware, because we know what we are doing, so windows works perfectly well for us, RUNS everything we want, plenty of choice. no problems.

    If i go to linux, sure i might be getting some security that we can debate whether we really need it. And i can get less, less choice in programs, games, hardware, all sorts.

  • FyberOptic, on 10/11/2007, -3/+4Blah blah blah, let's write a FUD report to get some more readers. Badmouthing Microsoft is the tech community's favorite pastime. Microsoft made lots of improvements, as well as considerable effort, to improve Vista. Cut'em some slack. If you don't like it, stop using Windows, and go whine about all the applications you can't run anymore like every other Microsoft hater.
  • inactive, on 10/11/2007, -0/+1No computer, connected to the Internet, is fully secure. Hackers will always find bugs. It's just that more people use Windows.

    Just look at Firefox. Once the "most secure browser;" now that everyone uses it, it is always coming out with security fixes.
  • slipgate, on 10/11/2007, -0/+1This is stupid. Anyone who has used Vista knows its more secure than XP. Love Vista or Hate it but its without a doubt more secure. The article is just trying to provoke attention - which i guess is working.

  • Fetching more discussions...
    Show 51 - 95 of 95 discussions

  • Add a Comment

    Login or register to comment!
    Or, sign-in super fast with your Facebook account ...


© Digg Inc. 2009 — Content created and posted by Digg users is dedicated to the public domain | Terms of Use Updated | Privacy Policy
DIGG, DIGG IT, DUGG, DIGG THIS, Digg graphics, logos, designs, page headers, button icons, scripts, and other service names are the trademarks of Digg Inc.