First, the Architecture is irrelevant, x86, PPC, Sparc, 32bit, 64bit, etc. You consider an Architecture based on the requirements of your computational needs ie: engineering, scientifice, GIS, military, Finance, Office work, Gaming, etc.
At issue, is the Operating System (called an OS Platform) that is run on that (semi-conductor) Architecture.
Microsoft Windows was never originally designed with any security or multi-user (at the kernel) functions, this was by design. The purpose of MS Windows was to run Personal Productivity Applications. With that in mind many components have been added on to improve 'Productivity' such as DCOM, ActivX, VBscript, etc. With the addition of tens of thousands of known code flaws, and many many (even years later) un-patched bugs in the Executive Layer of the Windows OS and in the User Space components (some are even deliberate: DirectX for example now has hooks to the ring0 privilege), Microsoft made a tacit invitation to be attacked and exploited.
And so it has been from the early DOS/Windows 3.1 days all the way to WindowsXP. The Windows OS, regardless of any Architecture it's running on, will be attacked and mangled within seconds of direct network / internet exposure (and no, your $150.- DLink firewall will not protect you). There are also rumors that Microsoft has been in secret court proceedings to stop the publishing of a number of OS 'holes' that cannot be fixed, but public knowledge of them would be devastating to any Government or business running the Windows OS.
While the Windows OS tacks on basic security and multi user functions, each itineration of Windows requires twice the hardware of the previous version, and any deployment must also take into account the localized overhead of realtime Antivirus, Antispyware, AntiSpam, and Firewalling software products, thus increasing the TCO and long term maintenance costs considerably.
This is stark contrast to almost all other Operating Systems available today (embedded, desktop, appliance, server, supercomputer), commercial or Opensource. They have one thing in common: they are Unix based or Unix derivatives.
Unix from it inception was networked AND multi-user, thus security was an absolute must, and it has been. Though still not perfect, OS's like Solaris 10, SCO 6, Linux, Debian, AIX, OSX, HP-UX, etc, have more security built in, from the ground up than MS Windows will ever have. And after thirty years of maturity, it's only getting better. Yes they are attacked, but very diffucult to penetrate, and just as difficult to do any damage to (unless your SysAdmin is a complete bonehead).
The often used excuse by Microsoft evangelists is that if Unix had 90% desktop share, it would be just as hacked is a false hood and a snowjob. It is defence by appology for being so pervasive (successful!), the accusation is that Uinx has "Security through Obscurity" is a blatant attempt to deflect Microsofts OS problems from its poor conceptual design and bad coding practices, which have resulted in an OS that is deeply flawed and broken.
Windows is still the most popular desktop operating system in the world, for now. Those fortunes could easily change. so for Sophos to recommend users to give thought to an alternative computing environment was an act of considered responsibility. And given that Sophos is a cross Platform and cross Architecture software vendor for whom MS Windows probably accounts for the larger percentage of its world wide sales, I don't think they harbour the same Anti-MS venom as for instance Oracle.
I've been in the IT and IS computer industry for over fifteen years, serving businesses and corporations on Unix and Windows. Unix I enjoy, it's brain food, MS Windows gives me ulcers but steady employment.
PS: Not now and not ever will MS Windows be a secure OS, let alone be able to compete against Unix/Linux vis-a-vis security. Windows problems will only get worse, that is historical fact.
At issue, is the Operating System (called an OS Platform) that is run on that (semi-conductor) Architecture.
Microsoft Windows was never originally designed with any security or multi-user (at the kernel) functions, this was by design. The purpose of MS Windows was to run Personal Productivity Applications. With that in mind many components have been added on to improve 'Productivity' such as DCOM, ActivX, VBscript, etc. With the addition of tens of thousands of known code flaws, and many many (even years later) un-patched bugs in the Executive Layer of the Windows OS and in the User Space components (some are even deliberate: DirectX for example now has hooks to the ring0 privilege), Microsoft made a tacit invitation to be attacked and exploited.
And so it has been from the early DOS/Windows 3.1 days all the way to WindowsXP. The Windows OS, regardless of any Architecture it's running on, will be attacked and mangled within seconds of direct network / internet exposure (and no, your $150.- DLink firewall will not protect you). There are also rumors that Microsoft has been in secret court proceedings to stop the publishing of a number of OS 'holes' that cannot be fixed, but public knowledge of them would be devastating to any Government or business running the Windows OS.
While the Windows OS tacks on basic security and multi user functions, each itineration of Windows requires twice the hardware of the previous version, and any deployment must also take into account the localized overhead of realtime Antivirus, Antispyware, AntiSpam, and Firewalling software products, thus increasing the TCO and long term maintenance costs considerably.
This is stark contrast to almost all other Operating Systems available today (embedded, desktop, appliance, server, supercomputer), commercial or Opensource. They have one thing in common: they are Unix based or Unix derivatives.
Unix from it inception was networked AND multi-user, thus security was an absolute must, and it has been. Though still not perfect, OS's like Solaris 10, SCO 6, Linux, Debian, AIX, OSX, HP-UX, etc, have more security built in, from the ground up than MS Windows will ever have. And after thirty years of maturity, it's only getting better. Yes they are attacked, but very diffucult to penetrate, and just as difficult to do any damage to (unless your SysAdmin is a complete bonehead).
The often used excuse by Microsoft evangelists is that if Unix had 90% desktop share, it would be just as hacked is a false hood and a snowjob. It is defence by appology for being so pervasive (successful!), the accusation is that Uinx has "Security through Obscurity" is a blatant attempt to deflect Microsofts OS problems from its poor conceptual design and bad coding practices, which have resulted in an OS that is deeply flawed and broken.
Windows is still the most popular desktop operating system in the world, for now. Those fortunes could easily change. so for Sophos to recommend users to give thought to an alternative computing environment was an act of considered responsibility. And given that Sophos is a cross Platform and cross Architecture software vendor for whom MS Windows probably accounts for the larger percentage of its world wide sales, I don't think they harbour the same Anti-MS venom as for instance Oracle.
I've been in the IT and IS computer industry for over fifteen years, serving businesses and corporations on Unix and Windows. Unix I enjoy, it's brain food, MS Windows gives me ulcers but steady employment.
PS: Not now and not ever will MS Windows be a secure OS, let alone be able to compete against Unix/Linux vis-a-vis security. Windows problems will only get worse, that is historical fact.
M.
[ reply ]
Link to this comment: http://www.securityfocus.com/comments/newsbriefs/243/1193#1193