It's time to ditch Windows, which one is your next OS?

Thursday, June 03, 2010

Ray Tan

85ac6feb584b665e85664974c546cfec

According to the Financial Times, "Google is phasing out the internal use of Microsoft’s ubiquitous Windows operating system because of security concerns, according to several Google employees.

The directive to move to other operating systems began in earnest in January, after Google’s Chinese operations were hacked, and could effectively end the use of Windows at Google, which employs more than 10,000 workers internationally."

“We’re not doing any more Windows. It is a security effort,” said one Google employee.

“Many people have been moved away from [Windows] PCs, mostly towards Mac OS, following the China hacking attacks,” said another.

New hires are now given the option of using Apple’s Mac computers or PCs running the Linux operating system, employees wanting to stay on Windows required clearance from “quite senior levels".

Although Windows remains the most popular operating system in the world by a large margin, with various versions accounting for more than 80 per cent of installations, Windows is known for being more vulnerable to attacks by hackers and more susceptible to computer viruses than other operating systems. The greater number of attacks on Windows has much to do with its prevalence, which has made it a bigger target for attackers.

Would it make any difference if the victims were running Linux or any other operating system if an attacker can conduct  such a sophisticated attack? It is not the matter of OS,  their target is the user. Linux, Windows, Mac, whatever–everything has weaknesses. Especially the users of those systems.

Besides Windows, we have other choices,Windows, Mac OS, and others, which one is your next OS? Change your OS or educate the users?

Reposted from Topsight

9451
Operating Systems
Post Rating I Like this!
Default-avatar
Jason Elizaitis I think you're incorrect about Windows being more vulnerable. For the average home user, who does not have proper patching or security measures in place, such a blanket statement may be correct, but Windows, when patched and configured correctly is very secure. It's not a trusted BSD, but it is vastly superior to OSX or Linux variants. For reference check out how long OSX lasts in the Pwn2Own contests. It would have made 0% difference what OS google was using. It didn't help that they were compromised because of IE6, (what was it doing on their production machines?) but if you are targeted by sophisticated attackers it is not a matter of if you will be compromised, it is a matter of how long and will you be aware of the attack.
1275591459
Default-avatar
Cr00zng Around Google switching away from MS OS is just one of the signs of the two behemoth going at each other. What these two will be doing matters not for most end users or corporations for that matter.

For the last 10-15 years, there's always been some "news" that this will be the year when people will dump MS in favor of "X" (not necessarily OSX). Then they look at other OS's, evaluate the available applications, the training cost, do the ROI, and renew their volume license with MS for another 3-5 years. In the meantime they write their story on a Win OS with MS Office, praising the "next best thing" after MS.

Jason pretty well covered the security differences between the different platform and I agree. There isn't much in capable hands. For the average home users, well, it'll make no difference if the platform is MS, MAC, Linux, or whatever. The results are the same...
1275612110
85ac6feb584b665e85664974c546cfec
Ray Tan Well, I do not think it is a matter of OS, the users who use the OS is the key point.
They need to learn more on how to protect themselves from being compromised.
1275622592
1de705dde1cf97450678321cd77853d9
Ian Tibble As a Windows user you are more at risk that an OSX user, or some BSD variant. As echoed by others, including John Viera at McAfee - this is because there are more windows instalments in the world, and particularly offices.
I see hits on my website as having grown from 80-20 Windows to non-windows, to 60-40 these days. When it goes to 40-60, we'll see malware being written for Mac OS X like there's no tomorrow.
Also, just as for anti-virus, patching windows is now less and less of a defence. The bug that they used to hit Google was a zero day. There are hordes of undisclosed vulnerabilities with Windows. Patching isn't going to help against these threats. "configured correctly" - yes it helps, but then you can say that about any OS.
The problem with Windows is that you absolutely need to run vulnerable services with SYSTEM or similar privileges - so any buffer overflows against these services will result in game over. With Unix's you can find more flexibility in the configuration. The kernel runs as root...apart from that you can really strip things down if you want.

I don't think it makes any difference which OS google chooses. Just because they choose to go with *nix, they cannot just now forget about malware. Anyway the reality is that it will take years to migrate - and they may just give up along the way. Moreover, the costs of securing a company with a choice of OS...it's going to be way higher than just risk management with one standard build OS.

Google was compromised because they thought that anti-virus and patching was enough. They did not, as Jason mentioned configure correctly their boxes. They will have the same problem with Linux or Mac or whatever.



1275644260
Default-avatar
Warren Goff I think Google has more than adequately proven that the Windows operating system is insecure as they were easily able to hack wifi networks and abuse the public's privacy (sure, accidentally). How anyone can trust an operating system developed or recommended by Google is beyond me but what do I know?
1276465802
1f2f664e68a603b3c54890fbbcd37857
Mark Gardner Hi Ray. I posted on this subject on my personal blog here (http://markg1975.wordpress.com/2010/06/01/google-os/)

I also think that Windows is attacked because it dominates the market so much. 95% of the OS market is a huge attack vector. As we see other OS' such as Mac and Linux, and maybe even Google Chrome market share increasing, attacks on these may increase.

For example, Apple just sent a security update for Snow Leopard. This had patches 64 vulnerabilities - many of which seemed to be under the radar. Don't imagine this would ever happen to Microsoft, as the disclosures in the past few weeks have shown.
1277458674
314f19f082e69886c20e31c70fe6dceb
Rod MacPherson I first played with Linux in 1994. At that time I was dissatisfied with Win 3.11 and used OS2 Warp as my primary OS. By 2001 I had tried every version of Windows, a number of Unix variants and eventually settled on Linux. (though I was still experimenting with different flavors of it. ... but i had given up on Everquest and had no reason anymore to keep any form of Windows around.

At the time I was working for a Linux based ISP so I had no need of windows for software compatibility with the office.

In 2002 I switched jobs. Moved to a Windows based office, and as time went on I began to slowly give in. At first I tried to fight it by going Mac, but with my last PC purchase (a netbook) I gave in and kept the Windows install along-side 2 versions of Linux. This allows me to do things like connect to the IE-only web apps at work. My desktop/media server is Linux only, and I still have the Mac, but it never gets used.
1277953650
A762974cfbb0a2faea96f364d653cbc6
Michael Menefee Rod, you raise an interesting point.

I think that many of us are now multi-OS people by nature of our own personal history/needs and -yes- video game support:)

The interesting thing here I think is support for the "apps" we need, and less the OS we choose...

As programming languages/compilers/apps and frameworks become more OS agnostic, the focus on which OS we decide on will eventually diminish--the smart ones among us will select the OS that allows us to more easily alert us to and update the apps we use to accomodate security or performance related issues.

I think this is where Ubuntu has done an excellent job in the Linux Desktop market, Gentoo on the server side (for the most part) and this will continue to be a trend
1277954460
A762974cfbb0a2faea96f364d653cbc6
Michael Menefee I must also raise the question of "Will Microsoft be able to keep up with the Opensource trend" driving many of the applications/frameworks in use....

Of course, I think they will have to, it's a matter of when it will become critical to the success of their business model.

An interesting note on this topic: Cisco's entrance into the iPad-type market with their "Cius"...you may ask what the hell a company like Cisco is doing in this market--I think they're being smart
1277954667
314f19f082e69886c20e31c70fe6dceb
Rod MacPherson Michael, I too am a fan of Ubuntu. Some call it the beginner's Linux and snicker at the idea of using it for serious work, but I picked it as a better supported and more current version of Debian, which I had already grown quite fond of.

Gentoo was a fun romp back in the days when waiting a while longer for software to compile before installing wasn't a big deal for me, and it definitely taught me a lot about the inner workings of all my software and hardware.

Really I think of OSes, like all software, as tools to accomplish a task, and tend to just pick the one that seems to fit the task I want to accomplish best.

If I want to play Diablo 1 I fire up Windows 98 in a VM, if I want to monitor Wifi traffic I boot up Backtrack.

If I were in the publishing business I'd be a bigger Mac user.

I do tend to favour cross-platform apps over single platform, for, I hope, obvious reasons. I'm not a big web based applications guy though. I do like to have Open Office installed, rather than running Google docs. I know that this all describes the typical IT geek's take on the OS wars, but I wonder how long, if ever, it will be till the average Joe also becomes comfortable switching between OSes.

Currently my employer has an interest-free loan program to buy computer equipment, intended to encourage people to learn at home. They have had to put a stop to Mac purchases on this plan because people were buying Macs then requesting that Macs be installed at work because they were not comfortable or familiar enough with how to do things in Windows.
1277958290
A762974cfbb0a2faea96f364d653cbc6
Michael Menefee Rod,
That's a funny story about Macs in this discussion, as it occurs to me the importance of Microsoft in the enterprise environment..

Not in the Windows aspect, but in that of Active Directory, SCCM, .NET and Office...aside from RBAC and any real audit management capabilities, Microsoft will dominate the Network Operating System market for some time, dictating (for many organizations) the necessity (if not requirement) for Windows OS at some level...

1277959635
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.