Navigate This Site

Philip Ramsey Headlines

Monday, February 22, 2010

Technology Review: Corporations, agencies infiltrated by 'botnet'

This article on Technology Review paints a scary picture of the consequences of using computers in an insecure fashion. Almost all these malware infections could easily be avoided if Microsoft were to educate Windows users on proper security procedures, write code with security as the #1 concern and encourage security practices. For instance, Windows XP Home edition, is impossible to make secure as the Administrator account has no password, is hidden from the user and is not accessible to local users but is accessible from the internet. Microsoft also allows users accounts to be created without a password. On Windows XP, the default for new user accounts is being a member of the administrator group. Windows Vista and 7 has implemented a security feature that has been a part of Linux for many years - only one user created user account may be a member of the administrator group.

In comparison, Linux will only install once a password is assigned to root (Linux version of Administrator). New users may only be created once a password is assigned to the user. Only root may install globally accessible software or configure the system's devices. However any user may invoke root if they know root's password. So Linux starts teaching users how to use the computer securely from the installation process. Also, in Linux, all new users has very few privileges. This means that even when a Linux user encounters a Linux specific malicious software (virus, trojans etc.) it cannot be installed without the user's knowledge and assistance by providing the password for root.

Powered by ScribeFire.

No comments:

Post a Comment